SPECIAL  FOCUS:  storage  virtualization 

Storage  virtualization  can  increase  utilization  rates  and  ease  data  migrations,  but 
buyers  need  to  consider  heterogeneous  platform  support  and  other  important  fea¬ 
tures  before  sealing  the  deal.  Page  14. 


Open  source's  security  sticking  point 

Lines  of  communication  with  outside 
security  experts  are  not  always  clear. 

Page  17. 


spectrum  debate 
heats  up 

Using  unlicensed  fre¬ 
quencies  could 
spread  mobile  broad¬ 
band,  but  also  could 
cause  headaches  for 
broadcasters. 

Page  16. 


Making  house  calls 
virtually 

Using  speech  recog¬ 
nition  and  IVR  tech¬ 
nologies,  Boston 
Medical  Center  is 
deploying  automated 
applications  to  handle 
patient  healthcare. 
Page  18. 


RFID  shows  healthy 
returns  at  hospitals 

Wireless  network 
technology  is  being 
used  to  track  every¬ 
thing  from  drugs  to 
doctors. 

Page  24. 


Cyberwar?  What 
cyberwar?! 

Despite  reports  of 
major  cyberwar 
between  opposing 
armies  in  Georgia  and 
Russia,  reality  says 
otherwise. 

Page  37. 


Dropout 
stars  as 
one-man 
IT  shop 

BY  JON  BRODKIN 

Meet  Justin  King  —  the  one- 
man  IT  shop.  At  the  5-year-old 
Human  Neuroimaging  Labora¬ 
tory  at  Baylor 
College  of 
Medicine  in 
Houston,  IT 
plays  a  key  role 
in  innovative 
research  in¬ 
volving  fMRl 
(functional  magnetic  resonance 
imaging)  machines. 

Researchers  and  post-doctoral 
students  at  HNL  spend  their 
time  answering  such  questions 
as:  Why  are  humans  inclined  to 
trust  strangers  in  matters  of 
finance?  and  How  does  aware¬ 
ness  of  a  brand  (such  as  Coca- 
Cola)  influence  our  prefer¬ 
ences,  and  what  does  that  tell  us 
about  the  human  brain?  Behind 
the  scenes  is  an  IT  infrastructure 
with  storage  systems  from  four 
vendors,  30  x86  servers  and  two 
high-performance  computing 
clusters  (See  graphic,  page  34). 
Managing  it  all  is  just  one  man 
See  King,  page  34 


Algorithm  could  breathe 
new  life  into  old  routers 


BY  TIM  GREENE 

A  team  of  computer  scientists  last  week 
detailed  an  algorithm  that  makes  routers 
operate  more  efficiently  by  limiting  the 
number  of  network  route 
or  link-state  updates  they 
receive,  thus  keeping  net¬ 
work  floods  at  bay 

The  algorithm  could  be 
important  in  large,  hetero¬ 
geneous  corporate  net¬ 
works  where  the  oldest, 
slowest  routers  make  all  the  others  wait 
while  they  absorb  updates  and  recalculate 
their  path  tables.  The  Approximate  Link 
State  (XL)  algorithm  suppresses  updates 
so  only  those  routers  that  are  directly 
affected  receive  them,  says  Professor 
Stephan  Savage,  who  with  three  other 
computer  scientists  at  the  University  of 
California  at  San  Diego  developed  the 
algorithm.  He  presented  a  paper  about  XL 
at  the  Association  for  Computing  Mach¬ 


inery’s  conference  of  its  Special  Interest 
Group  on  Data  Communications. 

Without  XL,  routers  flood  the  network 
with  route  updates,  with  every  router 
receiving  every  update.  In 
very  large  networks,  the 
sheer  number  of  routers 
and  inevitable  link-state 
changes  stall  out  routers 
episodically  as  they  recal¬ 
culate. 

As  a  practical  matter, 
however,  not  all  routers  need  to  receive  all 
updates  for  the  network  to  function  well, 
and  limiting  the  updates  actually  makes 
routers  work  better.  “Updates  may  only  be 
relevant  to  very  localized  areas,”  Savage 
says. 

Using  a  map  analogy  to  illustrate  the 
point,  Savage  says  that  a  driver  on  the 
East  Coast  doesn’t  care  if  Interstate  5  is 
flooded  out  in  Portland,  Ore.  “But  meta- 

See  Algorithm,  page  32 


■  Researchers 
are  rethinking  the 
data  center.  See 
story,  page  36. 


IT  manager  and 
Network  World 
columnist  Ron  Nutter 
was  laid  off  in 
February.  It  took  76 
days,  83  job  applica¬ 
tions  and  16  inter¬ 
views  before  he  land¬ 
ed  a  new  position. 
Here's  what  he 
learned  along  the  way. 


a  premium,  greerier  software  can  help  shave  millions  off  your  IT  and  energy  budgets. 
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The  number  one  reason 
I  would  recommend 


This  is  the  real  world,  and  this  is  where  ADTRAN 
stands  apart.  Whether  you  are  a  reseller,  a  small 
business  owner  or  an  established  IT  professional, 
with  ADTRAN  products  you  can  rest  easy.  ADTRAN's 
networking  and  IP  telephony  solutions  offer  business 
class  reliability  and  performance  at  affordable  prices. 
We  stand  behind  our  products  with  industry-leading 
warranties  and  renowned  support, 

Don’t  you  think  it’s  time  to  Get  Real? 


New  NetVanta®  Switches 

ADTRAN  offers  a  full  line  of  business-class, 
high-performance  networking  solutions 
designed  and  built  for  real  value,  including 
our.  new  NetVanta  Series  of  Gigabit,  Power 
over  Ethernet,  and  Fast  Ethernet  switches. 


www.adtran.com/switch 


Smart  Solutions  for  a  Connected  World 
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14  SPECIAL  FOCUS:  Going  virtual  raises 
storage  issues. 
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■The  Dash 
Express  in- 
car  GPS 
navigation 
device  in¬ 
cludes  a 
wide-area 
wireless 
connection. 
See  Cool  Tools, 
page  29. 


GOODBADUGLY 


MIT  security  sleuths  free  to  talk 

A  U.S.  District  court  judge 
onTuesday  dissolved  a  gag 
order  against  a  trio  of  MIT 
students  who  say  they  found 
flaws  in  the  Massachusetts 
transit  authority's  ticket¬ 
ing  system.They  had 
planned  to  present  details 
of  their  findings  at  the 
Defcon  hacker  confer¬ 
ence  before  a  judge 
imposed  the  gag  follow¬ 
ing  a  motion  by  the 
Massachusetts  Bay 
Transportation  Au¬ 
thority,  which  has 

acknowledged  its  system  has  flaws. 


APPLICATION  SERVICES 

17  Open  source  looks  to  shake  off  secu¬ 
rity  concerns. 

50  Opinion  BackSpin:  Proof  that  IT  is 
crazy. 

SERVICE  PROVIDERS 

20  Opinion  Scott  Bradner:  A  terminal 
delay  in  enhanced  advertising? 

20  Opinion  Johna  Till  Johnson:  Online 
profiling:  DPI's  bad,  data  mining’s  worse. 

50  Opinion  Layer  8:  FTC  bans  pre¬ 
recorded  telemarketing  drivel. 
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TECH  UPDATE 

28  Virtualizing  network  security. 

29  Mark  Gibbs:  Jott  outta  beta,  and 
SliTaz  is  the  boss. 

29  Keith  Shaw:  Gadgets  get  Wi-Fi  right 
(Part  2). 
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blogs,  newsletters  and  videos. 
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Tightening  the  purse  strings 

Research  firm  Gartner  projects  that 
worldwide  IT  spending  growth  will  slow 
to  6%  in  2009,  though  the  firm  says  this 
is  fairly  robust  growth  in  a  generally 
poor  economic  environment.  Gartner 
projects  that  worldwide  IT  spending 
will  total  $3.6  trillion  in  2009,  6%  more 
than  the  $3.4  trillion  it  projected  for 
2008. Total  worldwide  IT  spending  is 
expected  to  grow  by  8%  this  year,  down 
from  10%  in  2007. 

IPv6  not  catching  on 
A  study  has  revealed  how  slow  the  rate 
of  adoption  is  for  IPv6.  “At  its  peak,  IPv6 
represented  less  than  one  hundredth  of 
1  percent  of  Internet  traffic"  over  the 
past  year,”  Arbor  Networks’  Craig 
Labovitz  wrote,  adding:  "This  is  some¬ 
what  equivalent  to  the  allowed  parts  of 
contaminants  in  drinking  water.” 


IT  manager  and  Network 
World  columnist  Ron 
Nutter  was  laid  off  in 
February.  It  took  76  days, 
83  job  applications  and  16 
interviews  before  he 
landed  a  new  position. 
Here’s  what  he  learned 
along  the  way. 

Page  38 


A  snapshot  of  how  networkworld.com 
visitors  voted  on  a  key  networking  issue 
last  week: 


Do  you  think  Microsoft  security 


is  improving? 

Hard  to  tell, 
security  is  harder 
in  every  way  13% 


Yes,  it's  better 
than  it  has  been 

37% 


Not  even  a 
little  24% - 


Somewhat, 
but  it's  still 
awful  28% 


Total  voters  for  this  poll:  123 

Vote  and  discuss:  www.nwdocfinder.com/6336 
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PEERSAY 


Give  MIT  kids  a  medal  for 
uncovering  subway-pass  holes 

Re:  Judge  dissolves  gag  order  against  MIT 
students  (www.nwdocfinder.com/6322): 

Seriously,  the  MBTA  should  be  thanking 
them  and  rewarding  them,  instead  of  suing 
them.  The  MBTA  should  be  happy  that  they 
now  know  of  the  problem  and  can  protect 
themselves  against  a  real  and  very  serious 
attack.  1  guess  that  ignorance  is  bliss  for  the 
MBTA? 

Edgar  F Hilton 

Discuss  at  www.nwdocfinder.com/6323 

Training  as  an  investment 

Re:  Guest  worker,  Part  2  (www.nwdocfind 
er.com/6324): 

I  think  one  of  the  core  problems  here  is  that 
too  many  organizations  have  this  notion  that  if 
they  invest  money  to  train  someone,  then  they 
risk  losing  that  em¬ 
ployee  to  another 
company  So,  on  the 
one  hand,  they  want 
someone  highly 
trained,  but  on  the 
other,  they’re  not  will¬ 
ing  to  spend  the 
resources  to  train 
someone.  This  creates 
a  lose-lose  situation 
where  the  end  result 
is  that  there  are  not 
enough  highly  trained 

individuals  to  go  around,  and  the  same  com¬ 
panies  that  created  this  artificial  shortage  look 
to  bring  in  H-lBs  or  offshore  a  lot  of  the  work. 

The  ironic  thing  is  that  companies  that  take 
a  “risk”  by  investing  in  their  employee  training 
programs  show  a  much  lower  turnover  and 
higher  employee  satisfaction. 

Kjell  Andorsen 

Discuss  at  www.nwdocfinder.com/6324 

Get  over  yourselves,  com¬ 
mand-line  users 

Re:  Cisco  PIX  is  dead  (www.nwdocfind 
er.com/6325): 

Just  because  you  use  a  CL1  does  not  mean 
you  have  more  knowledge.  I  have  been 
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**The  ironic  thing  is  that 
companies  that  take  a  ‘risk’ 
by  investing  in  their  employ¬ 
ee  training  programs  show  a 
much  lower  turnover  and 
higher  employee 
satisfaction.55 


►  SPECIAL  NETWORK  WORLD  FEATURE 


SCAN  THIS  CODE 
with  your  cell 
phone  to  get  the 
latest  IT  network 
news  delivered  to 
your  cellular 
device. 


■  ■ 


■  ■ 


■ 

■  ■■ 


■  ■■ 


■  ■■■ 
■  ■ 


To  get  the  client 
software,  use  your  phone  browser  to 
visit  wap.connexto.com 

For  more  information  on  code  scanning 
see  www.nww.com/codesciui 


designing  fiber-optic  transport  systems  for  15 
years.  The  equipment  used  includes  CLIs,  as 
well  as  advanced  GUIs.  Ninety-nine  percent  of 
the  time,  I  use  the  GUI.  It  lets  the  user  configure 
the  device  while  thinking  about  what  is  being 
done,  not  remembering  obscure  commands. 

Don’t  kid  yourself.  Cisco’s  encouraging  use 
of  the  CLI  is  a  marketing  tool  as  much  as  any- 
thing.Techs  are  being  churned  out  by  the  tech 
schools  with  CCNA  as  their  credentials.  If 
Cisco’s  CLI  is  all  they  know,  whose  equipment 
are  they  going  to  buy? 

Kevin  Klimek 

Discuss  at  www.nwdocfinder.com/6325 

Comcast  was  blocking  packets 

Re:  ’Net  neutrality  —  Just  the  facts,  please 
(www.nwdocfinder.com/6326): 

It  is  a  matter  of  record  that  Comcast  was 
blocking  24/7. 1  testified  to  that  fact  at  the  FCC 

based  on  my  own 
tests,  which  were  con¬ 
sistent  with  results 
observed  by  [Elec¬ 
tronic  Frontier  Foun¬ 
dation]  staffers. 

Project  Glasnost  at 
the  Max  Planck  Insti¬ 
tute  independently 
came  to  the  same  re¬ 
sult  using  their  open 
source  tests  and  thou¬ 
sands  of  data  points. 

Finally,  Comcast 
admitted  that  their  blocking  occurred  regard¬ 
less  of  the  time  of  day  or  the  actual  amount  of 
traffic  on  the  network  (www.nwdocfinder. 
com/6327). 

Robb  Topolski 

Discuss  at  www.nwdocfinder.com/6326 

Spoof-proof  Internet2 

Re:  IP  spoofing  attacks  —  Mitigation  tech¬ 
niques  (www.nwdocfinder.com/6328): 

How  often  have  you  heard  of  caller  ID  being 
spoofed?  Very  rarely  What  needs  to  be  done  is 
to  make  the  originating  IP  address  inaccessible 
except  for  trusted  gateways.To  the  end  user,  the 
only  ID  for  transport  should  be  the  DNS  name. 
The  user  DNS  name  would  be  mapped  to  a 
transport  ID  address  that  would  be  inaccessi¬ 
ble  to  end  users.  Because  these  IP  transport  ad¬ 
dresses  would  be  temporary  the  need  for  a 
huge  IP-address  pool  would  be  obviated.  This 
change  would  make  possible  an  optional  addi¬ 
tional  security  option  in  that  certain  destina¬ 
tion  DNS  names  could  be  restricted  to  a  pool 
of  privileged  originating  DNS  users.This  would 
be  of  tremendous  advantage  to  the  military 
and  certain  governmental  organizations. 

Louis  A.  Carliner 

Discuss  at  www.nwdocfinder.com/6328 
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Old  Connecticut  Path,  Framingham,  MA  01 701- 
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for  verification. 
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SPHERE 


■  Microsoft  is  developing  a  super  hard 
certification  test.  Randy  Muller  writes  in 
his  All  about  Microsoft  Certifications  blog 
“There  is  a  new  beta  test  running  which 
demonstrates  an  interesting  pattern  at 
Microsoft  for  exams  and  exam  subjects.  The 
new  exam  is  (or  will  be  when  released)  70- 
660:  TS  Windows  Internals.  What  this  exam 
tests  is  the  "deep  technical  skills  in  the  area 
of  Windows  Internals.  Including  trou¬ 
bleshooting  operating  systems  that  are  not 
performing  as  expected  or  applications  that 
are  not  working  correctly,  identifying  code 
defects  and  developing  and  debugging  appli¬ 
cations  that  run  unmanaged  code  or  that  are 
tightly  integrated  with  the  operating  system, 
such  as  Microsoft  SQL  Server,  third  party 
applications,  antivirus  software,  and  device 
drivers.” 

www.nwdocfinder.com/6332 
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Balloons:  The  new 
tool  for  hackers 

Similar  to  wardriving, 
warballooning  is  a  new 
sport,  pioneered  by  Rick 
Hill  and  his  team  at 
Defcon. 

www.nwdocfinder.com/6337 
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Omega  keeping  time 
at  the  Olympics 

This  is  Omega’s  23rd 
time  as  official  Olympic 
timekeeper  and  the 
technology  has  come  a 
long  way  since  the  first 
time  it  was  used  in  1932. 

www.nwdocfinder.com/6338 


MIT  hackers 
relieved  of  gag 
order 


The  court  dissolved  the 
gag  order  against  three 
MIT  students  who 
found  a  flaw  in  the 
MBTA’s  ticket  system. 

www.nwdocfinder.com/6339 
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New  twists  on  Wi-Fi 


■  Getting  help  in  JUNOS.  Jeff  Doyle  writes 
in  his  blog,  “I  discussed  in  the  previous  post 
how  candidate  configurations,  explicit  com¬ 
mits,  and  rollbacks  greatly  increase  the  relia¬ 
bility  of  configuration  changes  in  JUNOS  and 
reduce  the  risk  of  configuration  mistakes. 
Heaven  knows  if  there  is  a  mistake  to  be 
made,  I’m  likely  to  make  it.  Another  nice  fea¬ 
ture  for  klutzy  typists  such  as  myself  is  that 
rather  than  waiting  until  you  hit  return  at  the 
end  of  a  configuration  statement  to  check  for 
syntax  errors,  JUNOS  checks  syntax  word- 
by-word  —  that  is,  every  time  you  enter  a 
word  into  a  line  and  hit  the  space  bar,  it 
checks  the  syntax.”  www.nwdocfind 
er.com/6333 

■  Anti-social  engineering.  Noah  Schiff- 
man  writes  in  his  Security  Phreak  blog,  "The 
Internet  has  led  to  the  content  dilution  of 
many  once  respected  journals  and  publica¬ 
tions,  such  as  my  blog  to  Network  World. 
Actually,  it  is  an  online  article  titled  ‘How  I 
Stole  Someone's  Identity',  currently  featured 
on  Scientific  American's  website  which  high¬ 
lighted  this  fact.  It’s  watered  down  material 
and  oversimplified  presentations  have  re¬ 
sulted  in  its  loss  of  cutting  edge  credibility. 
This  article,  which  outlines  HerbThompson’s 
'experiment'  (there's  nothing  experimental 
about  an  everyday  occurrence)  to  ‘break  into' 
(logic  +  luck  +  end  user  stupidity  <  breaking 
into)  someone’s  bank  account,  holds  little 
value  to  readers  with  a  shred  of  intelligence. 
What  I  found  most  irritating  was  the  text 
contained  in  the  article’s  URL,  referring  to 
the  story  as  an  ‘anatomy  of  a  social  attack.’ 
Data  mining,  email  account  discovery,  and 
automated  password  resets  is  not  ‘social’ 
nor  an  ‘attack.’" 

ivww.nwdocfinder.com/6334 


Small  business  networking:  It’s  a  wireless 
world,  some  say,  conveniently  overlooking  the 
giant  balls  of  cables  behind  every  personal 
computer  and  every  server,  router  and  print¬ 
er.  But  many  want  to  expand  the  wireless 
world, so  let’s  look  at  two  companies  doing 
just  that,  www.nwdocfinder.com/6329 

Network/systems  management:  The  IT 

security  team  at  Wayne  State  University  in 
Detroit  wanted  to  get  better  visibility  into  the 
traffic  crossing  the  urban  institution’s  main 
and  satellite  locations.  With  some  33,000  stu¬ 
dents  and  10,000  faculty,  staff  and  employees 
using  the  network,  which  includes  10,000 
internal  and  50,000  external  hosts,  the  team 
turned  to  network  behavior  analysis  (NBA) 
software  from  Q1  Labs.NBA  tools  monitor 
and  analyze  network  traffic,  looking  for 
abnormalities  and  patterns  that  could  indi¬ 
cate  a  zero-day  attack,  or  a  server  sending  too 
many  queries,  or  one  that  is  trying  to  connect 
to  the  Internet  in  the  middle  of  the  night.The 
products  prove  to  be  another  layer  of  securi¬ 
ty;  in  addition  to  identifying  top  talkers  on  the 
network,  NBA  technology  can  help  network 
and  security  teams  detect  undocumented 
vulnerabilities  and  symptoms  of  unknown 
threats  before  the  environment  is  impacted. 
www.nwdocfinder.com/6330 

Network/systems  management:  The  U  S. 


General  Services  Administration  (GSA)  esti¬ 
mates  it  can  save  between  $750,000  and  $50 
million  annually  if  a  majority  of  government 
agencies  implement  power  management  soft¬ 
ware  that  would  enable  IT  to  program  com¬ 
puters  to  automatically  shut  down  during 
non  business  hours.  Private  companies  such 
as  Partners  Healthcare  are  reaping  the 
rewards  of  power  management  features  in 
software  from  asset-management  vendors 
such  as  Altiris.  And  now  the  GSA  is  offering 
the  personal  computer  power  conservation 
software  at  an  annual  license  fee  of  $3  per 
computer  through  its  SmartBUY  program, 
which  is  a  federal  government  procurement 
plan  designed  to  promote  "effective  enter- 
prise-level  software  management."  The  $3 
license  fee  remains  in  effect  through  fiscal 
2008.  Tom  Kirelis,  acting  deputy  director  of 
the  Office  of  Infrastructure  Optimization, 
Federal  Acquisition  Service  at  GSA,  says  the 
potential  savings  justify  the  investment  in 
BigFix’s  Power  Management  software.  He 
explains  the  software  became  part  of  the 
SmartBUY  program  via  the  Department  of  the 
Army,  which  had  a  blanket  purchase  agree¬ 
ment  for  asset  management  and  asset  discov¬ 
ery  —  two  features  of  BigFix’s  broader  prod¬ 
uct  portfolio.  He  says  the  Power  Management 
application  is  well  suited  to  government 
agency’s  infrastructure  needs. 
www.nwdocfinder.com/6331 
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OR  $56/MONTH  FOR  36  MONTHS' 


IBM  System  x3550™  Express.  It’s  designed  to  stay  up  and 
running  and  help  reduce  system  downtime.  In  fact,  it  can 
even  identify  a  potential  problem  before  it  becomes  one. 
And  if  you  ever  have  to  replace  a  component,  you  can  do 
that  without  having  to  shut  down.  Just  one  more  way  the 
x3550  Express  keeps  downtime  down. 

From  the  people  and  Business  Partners  of  IBM. 

It’s  innovation  made  easy. 


RUN  YOUR  CRITICAL  APPLICATIONS  WITH  CONFIDENCE. 


PN:  7978EJU _ 

Featuring  up  to  two  Quad-Core  Intel®  Xeon®  Processors  E5430  2.66GHz 
Hot-swap  redundant  cooling  for  high  availability 
Includes  IBM  Director  and  PowerExecutive  to  help  manage  power 
consumption,  increase  uptime,  reduce  costs  and  improve  productivity 
3-year  on-site  limited  warranty2  on  parts  and  labor 


IBM  SYSTEM  STORAGE™ 
DS3400  EXPRESS  KIT 

$13,793 

OR  S352/M0NTH  FOR  36  MONTHS1 


PN:  1726-42U 


IBM  TIVOLI®  CONTINUOUS  DATA  PROTECTION  FOR  FILES 

$42  per  user 

PN:  D613ALL 


All-in-one  kit  makes  it  easier  to  migrate  from  your  DAS  network  to  SAN 

Includes  IBM  System  Storage  DS3400  Dual  Controller,  four  IBM  Emulex  42C2069 
4Gb/s  PCI  Express  HBAs,  Brocade  SAN  8  Port  Fibre  Channel  switch  (16  total 
ports),  twelve  4Gb/s  SFPs,  and  eight  5-meter  optical  LC  cables 
Emulex  EZ  Pilot™  installation/management  software  included 


Save  and  recovery  technology  enables  file  recovery  to  any  point  in  time 
Continuous  Data  Protection  (CDP)  protects  your  data  from  the  aftermath  of  a  virus 
attack  or  user  error 

Up  to  3  backup/replication  areas  help  protect  against  corruption,  file  loss  or 
system  loss 


COMPLIMENTARY  SYSTEMS  ADVISOR  TOOL 

=  ~=  express 

Want  to  find  the  right  server  or  storage  system  for  you? 

advantage™ 

Our  Systems  Advisor  Tool  cart  help.  Just  give  the  tool  a  little 

input,  and  it  will  identify  products  that  can  help  meet  your 

lbm.com/systems/uptime 

business  needs.  Get  started  now  at  lbm.com/systems/uptime 

1  866-872-3902  (mention  6N8AH04A) 

1.  IBM  Global  Financing  offerings  are  provided  through  IBM  Credit  LL.C  in  the  United  States  and  other  IBM  subsidiaries  and  divisions  worldwide  to  qualified  commercial  and  government  customers.  Monthly  payments  provided  are  for  planning  purposes 
only  and  may  vary  based  on  your  credit  and  other  factors.  Lease  offer  provided  is  based  on  an  FM  V  lease  of  36  monthly  payments.  Other  restrictions  may  apply.  Rates  and  offerings  are  subject  to  change,  extension  or  withdrawal  without  notice. 

2.  IBM  hardware  products  are  manufactured  from  new  parts,  or  new  and  serviceable  used  parts  Regardless,  our  warranty  terms  apply.  For  a  copy  of  applicable  product  warranties,  visit  ibm.com/servers/support/macWne_wananfies  or  write  to:  Warranty 
Information,  P.0.  Box  12195.  RTF’  NC  27709.  Attn:  Dept.  JDJA/B203  IBM  makes  no  representation  or  warranty  regarding  third-party  products  or  services,  including  those  designated  as  ServerProven*  or  ClusterProvenf  Telephone  support  may  be  subject 
to  additional  charges.  For  on-site  labor,  IBM  will  attempt  to  diagnose  and  resolve  the  problem  remotely  before  sending  a  technician.  On-site  warranty  is  available  only  tor  selected  components.  Optional  same-day  service  response  is  available  (on  select 
systems]  at  an  additional  charge.  IBM,  the  IBM  iogo,  IBM  Express  Advantage,  System  x  and  System  Storage  are  trademarks  of  International  Business  Machines  Corporation  in  trie  United  States  and/or  other  countr ies.  For  a  complete  list  ot  IBM  Trademarks, 
see  ibm.com/legal/copytrade.shtm!.  Intel,  the  Intel  logo,  Xeon  and  Xeon  Inside  are  trademarks  or  registered  trademarks  ot  Intel  Corporation  in  the  U.S.  and  other  countries.  All  other  products  may  be  trademarks  or  registered  trademarks  ot  their  respective 
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Firefox  SSL-certificate  debate 
gets  gnarly 

Debate  is  reaching  a  fever  pitch  over  a  new  security  feature  in  Firefox  3.0  that 
throws  out  a  warning  page  to  users  when  a  Web  site's  SSL  certificate  is 
expired  or  has  not  been  issued  by  a  trusted  third  party  Mozilla  officials  say  the 
new  feature  helps  curb  electronic  eavesdropping  or  so-called  “man  in  the  middle” 
attacks.  Critics  say  that  Firefox  3.0  is  putting  undue  fear  and  confusion  into  every¬ 
day  Web  surfers  and  forcing  Web-site  operators  to  do  business  with  specific  ven¬ 
dors  of  SSL  certificates  or  risk  the  appearance  that  their  Web  sites  are  broken. The 
certificate  issue  is  cropping  up  on  such  major  sites  as  the  U.S.  Army’s,  which  uses 
certificates  issued  by  the  Department  of  Defense.  In  the  Army’s  case,  Firefox  does 
not  recognize  the  DOD  as  an  authorized  certificate  provider  and  defaults  to  a  Web 
page  showing  a  traffic-cop  icon  and  proclaiming  that  the  site’s  certificate  can  not 
be  trusted.  The  problem  also  has  surfaced  with  expired  SSL  certificates  on  such 
sites  as  Google  Checkout  and  Linkedln.  www.nwdocfinder.com/6340 


IBM  commits  $300  million  to  disaster 
recovery.  IBM  is  investing  $300  million  to 
build  13  new  data  centers  that  will  help  cus¬ 
tomers  worldwide  recover  from  disaster  by 
storing  their  data  remotely  in  a  cloud-based 
storage  model. The  data  centers,  to  be  built 
this  year,  will  be  in  locations  including  Hong 
Kong, Tokyo,  Paris,  London,  Beijing,  Poland, 
Italy,  New  Jersey  Germany,  Brazil,  India  and 
South  Africa.  IBM  is  calling  the  new  facilities 
Business  Resilience  service-delivery  centers. 
Data-protection  technology  gained  in  IBM’s 
acquisition  of  online  storage  provider 
Arsenal  Digital  Solutions  has  been  integrat¬ 
ed  with  IBM’s  rack-mounted  storage  appli¬ 
ances  and  will  be  a  part  of  the  new  service- 
delivery  centers. 
www.nwdocfinder.com/6341 

Dell  gains,  Sun  loses  in  worldwide 
server  market.  Dell  posted  the  biggest 
gains  in  worldwide  server  revenue  in  the  sec¬ 
ond  quarter,  helping  it  to  nudge  Sun  out  of 
third  place,  Gartner  said  last  week.  IBM 
retained  the  top  spot  but  its  revenue  growth 
was  slower  than  Dell’s,  while  HP  stayed  in  sec¬ 
ond  place  with  hardly  any  growth,  according 
to  Gartner’s  estimates.  Dell’s  server  revenue 
climbed  15%  from  the  second  quarter  last 
year,  compared  with  1 1.5%  growth  for  IBM 
and  2.9%  growth  for  HPSun’s  revenue 
declined  6.8%  while  Fujitsu/Fujitsu  Siemens’ 
stayed  flat.  An  upswing  in  x86  server-replace¬ 
ments  during  the  quarter  was  the  biggest  dri¬ 
ver  for  the  market  as  a  whole,  according  to 
Gartner.  Sales  also  were  lifted  by  data-center 
buildouts  and  growth  in  emerging  markets. 
Server  revenue  overall  grew  5.7%  from  the 
second  quarter  last  year,  to  $13.8  billion, 
which  Gartner  called  a  solid  performance 
given  the  economic  woes  in  the  United  States 
and  elsewhere. 

www.nwdocfinder.com/6342 


Palm  unwraps  the  unlocked  3G  Treo 
Pro.  Palm  took  the  wraps  off  a  new  and 
unlocked  Windows  Mobile  3G  smart  phone, 
aimed  at  enterprise  users.The  Palm  Treo  Pro 
incorporates  features  designed  to  appeal  to 
IT  managers  who  are 
opting  for  Windows 
Mobile  as  their  mobile 
platform  and  who  want 
more  control  over  cor¬ 
porate  handhelds. 

Windows  Mobile  6.1 
includes  Microsoft 
DirectPush  Technology 
which  creates  a  direct 
link  with  Microsoft 
Exchange  Server  2003  or  2007,  as  well  as 
hooks  to  Microsoft  System  Center  Mobile 
Device  Manage  (MDM).No  U.S.  carrier  has 
been  announced  for  the  smart  phone  but 
because  it  supports  GSM-based  3G  cellular 
standards  Universal  Mobile  Telecommuni¬ 
cations  System  and  High  Speed  Downlink 
Packet  Access,  the  device  can  operate  on  net¬ 
works  from  AT&T  Wireless  and  T-Mobile  USA. 
This  should  enable  enterprise  customers  to 
negotiate  rate  plans  with  carriers,  then  fit  the 
Treo  Pro  with  an  appropriate  SIM  card. The 
unlocked  version  will  be  available  in  the 
United  States  in  the  fall. The  suggested  retail 
price  is  $549.  www.nwdocfinder.com/6343 

Microsoft  lifts  virtualization-licensing 
restrictions.  Microsoft  confirmed  last  week 
it  will  eliminate  a  licensing  restriction  that 
prevented  customers  from  moving  virtualized 
applications  to  a  different  server  more  than 
once  every  90  days. The  90-day  restriction  will 
be  removed  on  Sept.  1  for  the  most  common¬ 
ly  used  Microsoft  server  applications,  includ¬ 
ing  SQL  Server  2008  Enterprise  edition, 
Exchange  Server  2007  Service  Pack  1 
Standard  and  Enterprise  editions,  Dynamics 


CRM  4.0  Enterprise  and  Professional  editions, 
Office  SharePoint  Server  2007,  and  Microsoft 
System  Center  products.  In  all,  41  server  appli¬ 
cations  are  affected.  Microsoft  also  said  it  will 
provide  technical  support  for  applications 
running  on  several  types  of  hypervisors. 
www.nwdocfinder.com/6344 

Microsoft  hires  Seinfeld  to  bite  Apple. 

Apple  keeps  pummeling  Microsoft  in  its  ads, 
and  yadda,yadda,yadda,the  world’s  largest 
software  maker  plans  to  hire  comedian  Jerry 
Seinfeld  for  its  new  marketing  campaign, 
according  to  reports.  Continually  painted  by 
Apple  and  other  rivals  as  uncool  and  unsafe, 
Microsoft  plans  to  spend  $300  million  on  a 
new  series  of  advertisements  designed 
around  its  “Windows  Not  Walls”  slogan  that 
will  feature  Seinfeld  and  Microsoft  Chairman 
Bill  Gates.  Seinfeld  will  take  home  $10  million 
for  his  role  in  the  spots,  The  Wall  Street 
Journal  reported,  citing  people  familiar  with 
the  situation. The  campaign  is  expected  to 
debut  Sept.  4.  www.nwdocfinder.com/6345 

Start-up  applies  social  networking  to 
app  testing.  Massachusetts  start-up  uTest  is 
launching  an  on-demand  service  that  weds 
application-testing  to  social-networking 
through  a  community  of  more  than  8,000  pro¬ 
fessional  testers  in  roughly  130  countries. 
Users  provide  uTest  with  a  link  to  their  appli¬ 
cation  and  select  a  test  team  from  the  com¬ 
munity  with  the  appropriate  skill  sets  and 
demographics  for  the  job.  Customers  commu¬ 
nicate  with  testers  through  the  uTest  platform, 
which  also  integrates  with  in-house  bug-track¬ 
ing  systems,  such  as  Bugzilla.  It’s  not  always 
cost-effective  for  smaller  companies  to  hire 
quality-assurance  teams,  and  larger  enterpris¬ 
es  that  want  to  do  some  outsourcing  might 
have  to  sign  a  long-term  contract,  said  CEO 
Doron  Reuveni.ww.nwdocfinder.com/6346 

East  Coast  Web  connections  run  laps 
around  rest  of  U.S.  States  on  the  East 
Coast  have  significantly  faster  median  down¬ 
load  speeds  than  the  rest  of  the  country,  with 
the  top  states  doubling  or  nearly  tripling  the 
national  median  speed,  a  new  study  claims. 
The  study,  which  was  conducted  by  afford¬ 
able-broadband  advocacy  group  Speed 
Matters,  found  that  the  nine  states  with  the 
fastest  median  download  connections  are  all 
located  on  the  East  Coast.  Rhode  Island 
(6.8Mbps)  and  Delaware  (6.7Mbps)  have  the 
fastest,  and  nearly  triple  the  national  median, 
download  speed  of  2.3Mbps.  Rounding  out 
the  Top  5  states  are  New  Jersey  (5.8Mbps), 
Virginia  (5Mbps)  and  Massachusetts 
(4. 6Mbps). The  states  with  the  slowest  median 
download  speeds  include  Idaho  (1.3Mbps), 
Wyoming  (1.3Mbps), Montana  (1.3Mbps)  and 
North  Dakota  (1.2Mbps).  Alaska  had  the  slow¬ 
est  download  speed  (0.8Mbps). 
www.nwdocfinder.com/6347 
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What  are  you  missing  right  now? 

Keep  the  best  of  the  Web  with  you  on  the 
nation’s  largest  mobile  broadband  network. 
Just  plug  it  into  your  laptop  and  go. 


Free 


Sierra  Wireless  Compass "  597 
Requires  eligible  upgrade  (or  new  service 
activation)  on  a  business  account,  data  plan 
and  two-year  agreement. 


sprint.com/mobilebroadband 
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Largest  claim  based  on  total  network  size  (sq.  miles).  May  require  up  to  a  $36  activation  fee/line,  credit  approval  and  deposit.  $200  early  termination  fee/line  applies.  Mobile  Broadband  Card  Offer: 
Offer  ends  12/31/08.  While  supplies  last.  Requires  activation  at  the  time  of  purchase.  Available  for  corporate-liabie  accounts  (activations  using  a  business  name  and  tax  ID)  only.  Upgrade:  Existing 
customers  in  good  standing  with  sen/ice  on  the  same  device  for  more  than  22  consecutive  months  currently  activated  on  a  service  plan  of  $34.99  or  higher  may  be  eligible.  See  in-store  rebate  form  or 
sprint.com/upgrade  for  details.  Pricing,  offer  terms,  fees  and  features  may  vary  for  existing  customers  not  eligible  for  upgrade.  Mobile  broadband  card  data  plan  required.  See  sprint.com/coverage  for 
details.  Other  Terms:  Offers  not  available  in  all  markets/retail  locations  or  for  all  phones/networks.  Sprint  Mobile  Broadband  Network  reaches  over  248  million  people  (including  data  roaming).  Not 
available  in  all  markets/retail  locations.  Other  restrictions  apply.  See  store  or  sprint.com  for  details.  ©2008  Sprint. 


NEWS  ANALYSIS 


InBrief 


Disruption-tolerant  networks 
set  for  large-scale  test 


BY  JOHN  COX 

Scientists  at  BBN  Technologies  have  begun 
readying  a  large-scale  field  test  of  a  mobile 
network  designed  to  keep  working  despite 
transmission  failures,  glitches  and  long  delays. 

The  test  is  the  third  phase  of  a  Department  of 
Defense  project  to  create  disruption-tolerant 
networks,  or  DTNs.  It  builds  on  a  field  proto¬ 
type  of  20  nodes  that  was  successfully  demon¬ 
strated  last  November  at  the  Army’s  Fort  A.P 
Hill  in  Virginia.The  large-scale  trial,  due  in  late 
2009,  is  intended  to  show  that  big  DTNs  are  not 
only  possible  but  also  commercially  viable 
and  able  to  be  built  with  off-the-shelf  parts. 

To  fund  Phase  3,  the  Defense  Department’s 
Defense  Advanced  Research  Projects  Agency 
(DARPA)  just  awarded  almost  $9  million  to 
BBN.  Key  priorities  involve  work  on  DTN  seal- 
ability  and  robustness  to  support  thousands  of 
nodes,  and  designing  and  implementing  new 
algorithms  for  several  key  tasks.The  BBN  team 
also  will  be  working  with  the  U.S.  Marines  to 
introduce  DTN  into  the  Condor  mobile  net¬ 
work  program,  which  is  designed  to  link 
maneuvering  units  with  command  centers 
beyond  line-of-sight  (about  20  to  30  miles). 

Though  driven  by  military  networking 
requirements,  DTNs  potentially  have  a  much 
wider  applicability  They  can  sustain  commu¬ 
nications  without  the  stability,  connectivity 
and  predictability  required  by  todays  IP  net¬ 
works,  including  the  Internet.  If  these  networks 
lose  a  connection  or  suffer  delays,  packet 
deliveries  plummet  because  the  existing  rout¬ 
ing  protocols  assume  an  end-to-end  path  that 
becomes  stable  fairly  quickly.  But  those 
assumptions  break  down  in  the  face  of  repeat¬ 


ed  disconnections  and  long  delays,  which  can 
be  caused  by  equipment  failures,  weather,  ter¬ 
rain  or  jamming. 

One  civilian  prototype  is  the  DieselNet  proj¬ 
ect  at  the  University  of  Massachusetts- 
Amherst.  DieselNet  consists  of  off-the-shelf  sin¬ 
gle-board  computers,  GPS  receivers  and 
radios  mounted  in  40  UMass  buses.  As  two 
buses  near  each  other,  their  DTN  nodes  query 
each  other  to  find  out  what  other  nodes  each 
sees  most  frequently  If  one  of  those  other 
nodes  is  related  to  the  final  network  destina¬ 
tion  of  a  message,  that  message  is  handed  off 
to  the  passing  node  in  the  seconds  they’re 
close  enough  for  the  Wi-Fi  connection.  At 
some  point,  the  message  is  handed  to  a  node 
attached  to  the  wired  Internet. 

Central  to  DTNs  effectiveness  is  the  technol¬ 
ogy’s  tenacity 

“IP  networks  have  as  a  philosophy  the  idea 
[that]  ‘if  there’s  a  problem,  give  up.  The  user 
will  resend.’  DTN  doesn’t  give  up.  It’s  constant¬ 
ly  trying  to  move  the  information  forward,” 
says  Christopher  Small,  senior  scientist  with 
the  Networking  Research  Group  at  BBN’s 
Cambridge,  Mass.,  headquarters.  “DTN  will 
work  around  breaks,  and  route  the  informa¬ 
tion  any  way  it  can.” 

That  tenacity  is  due  in  large  part  to  a  new 
BBN-written  routing  protocol,  called  Bundle, 
which  makes  use  of  queuing  and  other  tech¬ 
niques,  including  one  called  late  binding. With 
late  bindings  source  node  in  a  DTN  can  send 
a  message  even  though  the  final  destination  IP 
address  can’t  be  known  due  to  disruptions  of 
name  servers  or  routers.  It’s  like  mailing  an 

See  DTN,  page  32 


Suing  over  the  iPhone 

An  Alabama  woman  filed  a  lawsuit  last 
week  against  Apple,  claiming  the  compa¬ 
ny’s  iPhone  3G  drops  calls,  has  trouble 
connecting  to  AT&T's  network  and  is 
slower  than  advertised. The  suit  also 
seeks  class-action  status,  according  to 
papers  filed  with  a  federal  court.  Dubbing 
the  phone  “defective  iPhone  3G”  through¬ 
out  her  lawsuit,  Birmingham  resident 
Jessica  Smith  charged  Apple  with  breach 
of  express  and  implied  warranty,  and  fail¬ 
ing  that,  unjust  enrichment.  Apple's  adver¬ 
tising  blitz  was  misleading,  the  lawsuit 
claims.  "Defendant  intended  for  cus¬ 
tomers  to  believe  its  statements  and  rep¬ 
resentations  about  the  defective  iPhone 
3Gs,  and  to  trust  that  the  device  was 
‘twice  as  fast  at  half  the  price,’"  the  law¬ 
suit  says.  Apple  did  not  immediately  reply 
to  a  request  for  comment. 

Amazon  adds  persistent 
storage  to  compute  cloud 

Amazon  has  rolled  out  a  persistent  storage 
feature  for  its  EC2  Elastic  Compute  Cloud, 
which  should  allow  developers  to  use  its 
hosted  computing  services  fora  much 
broader  range  of  applications.The  feature, 
called  Elastic  Block  Store  (EBS),  lets  devel¬ 
opers  create  a  IGB-to-ITB  storage  volume 
and  attach  it  to  "instances”  of  applications 
running  in  Amazon’s  cloud.  Developers  can 
then  detach  the  storage  volume  and  use  it 
later  for  other  application  instances  and 
back  it  up  to  Amazon’s  S3  storage  service  if 
they  need  more  durability.  Without  EBS,  the 
storage  volume  is  tied  to  a  particular 
instance  and  the  data  is  lost  when  the  job  is 
terminated,  Amazon  says. 

Free  tool  tackles  dirty  data 

Open  source  data-integration  vendorTalend 
has  unveiled  a  tool  aimed  at  scrubbing  dirty 
data  from  corporate  information  reposito- 
ries.Talend  Data  Quality,  which  will  be  avail¬ 
able  free  under  a  GPL  license,  ferrets  out 
such  errors  as  duplicate  names  and  address, 
and  improperly  configured  data  including 
phone  numbers.  At  its  most  basic,  the  soft¬ 
ware  can  ensure  a  person’s  phone  number  is 
correct  and  has  the  required  number  of  dig¬ 
its;  check  that  ZIP  codes  match  the  cities 
contained  in  an  address  entry;  and  consoli¬ 
date  entries  that  have  names,  nicknames  or 
abbreviations  that  apply  to  the  same  person. 
Talend  plans  to  deliver  Data  Quality  at  the 
end  of  September  and  will  offer  technical 
support  and  other  services  via  a  subscrip¬ 
tion  that  starts  at  $15,000  per  year. 


Circles  represent  radio  nodes  —  “S”  for  stationary  and  “M”  for  a  truck-mounted 
radios  —  in  this  aerial  photo  of  DARPA's  Fort  A.P.  Hill  demonstration.  At  left  is  an 
IP-only  network.  At  right  is  the  same  network  with  BBN  Technologies’  disruption- 
tolerant  networking  (DTN)  protocol  stack.  The  trucks  moved  continuously 
between  the  “forward  operating  base”  at  top  left  and  “headquarters”  at  lower 
right,  in  effect  ferrying  packets  between  the  sites.  The  brighter  the  green  circle, 
the  greater  the  number  of  successful  transmissions.  Many  IP-only  nodes  found 
no  connection  at  all. 
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For  your  business,  it’s  a  customer 
you  won’t  see  coming  back. 


You  can’t  anticipate  every  problem.  But  Emerson  Network  Power  and  its 
Liebert  power  and  cooling  technologies  can  help  you  create  an  IT  infrastructure 
that  is  ready  for  anything— unplanned  outages,  unpredictable  growth  or 
unexpected  technologies. 


One  example  is  the  Liebert  NX,  a  software-scalable  UPS  that  can  double  in 
capacity  without  adding  or  modifying  hardware.  Download  our  white  paper, 
Powering  Change  in  the  Data  Center,  and  discover  what  Liebert  technologies 
can  do  for  your  operating  flexibility,  at  flexibility.liebert.com. 


Liebert  flexibility 


Just  another  reason  why  Emerson  Network  Poweris  the  global  leader 
in  enabling  Business-Critical  Continuity.' 


Emerson,  Business-C  fitical  Continuity  and  Liebert  are  trademarks  of.E  merson  Electric  Co.  01  one  c|f  fts  affiliated  companies.  ©2007  Emerson  ElectricCo. 
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SPECIAL  FOCUS:  STORAGE  VIRTUALIZATION 


Going  virtual  raises  storage  issues 

Five  things  to  think  about  before  virtualizing  storage 


BY  JON  BRODKIN 

If  you’re  an  IT  executive,  chances  are  you’re  already  thinking  about 
storage  virtualization.  Nearly  one-quarter  of  companies  with  at  least 
500  employees  have  deployed  storage  virtualization  products 
already  and  another  55%  plan  to  do  so  within  two  years,  a  recent 
Gartner  survey  found. 


Storage  virtualization  is  an  abstraction 
that  presents  servers  and  applications  a 
view  of  storage  that  is  different  from  phys¬ 
ical  storage,  typically  by  aggregating  mul¬ 
tiple  storage  devices  and  allowing  them 
to  be  managed  in  one  administrative  con¬ 
sole. 

The  technology  is  emerging  fast  onto  the 
enterprise  scene  for  good  reasons:  In  many 
cases,  it  can  reduce  the  management  bur¬ 
dens  associated  with  storage;  and  offer  bet¬ 
ter  models  for  data-center  migrations,  back¬ 
up  and  disaster  recovery 

Enterasys  Networks  reaped  these  bene¬ 
fits  recently  when  it  moved  a  data  center 
from  Boston  into  its  headquarters  in 
Andover,  Mass. 

“In  days  gone  by  before  storage  virtualiza¬ 
tion,  that  might  have  been  an  all-day,  if  not 


an  all-week,  kind  of  process,”  says  Enterasys 
Vice  President  of  Marketing  Trent  Water- 
house.“Because  of  the  storage  virtualization 
technologies,  the  entire  move  happened  in 
less  than  30  minutes.” 

There  are  still  common  pitfalls  that  storage 
administrators  should  ponder,  as  well  as 
questions  they  should  ask  before  they  roll 
out  a  storage-virtualization  project.  Here’s  a 
look  at  some  of  the  top  issues. 

Managing  capacity 

With  storage  virtualization,  allocating  stor¬ 
age  is  easy  —  perhaps  too  easy 

“You  have  the  ability  to  affect  more  sys¬ 
tems  in  the  whole  forest  if  you  do  some¬ 
thing,”  says  Jonathan  Smith,  CEO  of  IT- 
onCommand  in  Denver, Colo.,  who  cautions 
fellow  IT  shops  to  pay  close  attention  to 


both  the  storage  and  performance  needs  of 
each  application.  “You  just  didn’t  have  that 
power  before.  Now  all  of  a  sudden  you  can 
do  whatever  you  want.” 

Smith,  who  is  using  LeftHand  Networks 
virtualization  on  HP  storage,  says  an  IT 
professional  might  see  a  lot  of  empty 
space  in  a  given  storage  volume  and  be 
tempted  to  fill  it  up.  Overusing  a  resource, 
however,  can  decrease  performance  if  the 
storage  is  allocated  to  a  database  or  some 
other  I/O-intensive  application. 

“Make  sure  you  size  it  correctly  and  really 
understand  how  much  horsepower  [your 
applications  need] ’’Smith  says. 

These  concerns  are  especially  true  when 
it  comes  to  thin  provisioning,  a  component 
of  virtualization  technology  that  lets  an  IT 
administrator  present  an  application  with 
more  storage  capacity  than  is  physically 
allocated  to  it.  This  eliminates  the  problem 
of  storage  overprovisioning,  in  which  stor¬ 
age  capacity  is  pre-allocated  to  applications 
but  never  used. 

With  thin  provisioning,  more  than  100%  of 
storage  capacity  can  be  allocated  to  appli¬ 
cations,  but  capacity  remains  available 
because  it  won’t  be  consumed  all  at  once. 

You  can  play  it  safe  by  allocating  small  vol¬ 
umes  that  never  exceed  the  physical  stor¬ 
age,  or  allocate  as  much  as  you  want  to  each 
application,  then  monitor  your  systems 
closely  says  Themis  Tokkaris,  systems  engi¬ 
neer  at  Truly  Nolen  Pest  Control  in  Tucson, 
Ariz.  It’s  best  if  you  can  find  a  happy  balance 
between  those  two  extremes. 

“You  have  to  monitor  your  pool  so  you 
don’t  run  out  of  space,  because  that  would 
really  crash  everything, ’’Tokkaris  says. 

How  server  virtualization  fits  in 

A  common  question  is  whether  it  makes 
sense  to  virtualize  storage  if  you’re  not  also 
using  server  virtualization. The  short  answer 
is  yes  —  though  it’s  true  you  won’t  get  as 
much  flexibility  as  IT  shops  that  virtualize 
both  servers  and  storage. 

“If  you  virtualize  both,  then  you  have  the 
maximum  flexibility  when  deploying  new 
applications,”  says  Chris  Saul,  IBM’s  storage- 
virtualization  marketing  manager. 

Nevertheless,  there  are  benefits  to  just  vir¬ 
tualizing  storage. 

Improved  disaster  recovery,  availability 
and  data  migrations  can  all  be  gained  with¬ 
out  having  virtual  servers,  says  product  mar¬ 
keting  manager  Augie  Gonzalez  of  storage 

See  Virtualization,  page  35 


At  a  glance:  storage  virtualization 


During  a  recent  teleconference,  Burton  Group  senior  analyst  Pete 
Lindstrom  laid  out  his  “Five  immutable  laws  of  virtualization  security.” 

What  it  is:  Storage  virtualization  is  the  ability  to  present  files,  data  volumes  and 
storage  devices  in  a  way  that  hides  their  physical  complexity  and  offers  a  single 
management  point  for  all  storage  devices,  regardless  of  which  vendor  made  them. 

Virtual  machines  increase  the  surface  area  of  a  potential  attack,  even  if  by  a  small 
amount,  which  therefore  puts  them  at  a  higher  risk  than  their  physical  counterparts. 

Who  offers  it:  IBM,  EMC,  HP,  DataCore  Software,  NetApp,  FalconStor  Software, 
LeftHand  Networks,  Dell  EqualLogic,  Cisco 

Benefits: 

*  Increases  traditionally  poor  storage  utilization  rates. 

*  Nondisruptive  data  migration. 

*  Easier  to  provide  tiered  storage  offerings. 

*  Simplifies  disaster  recovery. 

Challenges: 

•Vendors  not  always  willing  to  manage  rival  storage  products. 

*  By  making  it  easier  to  allocate  storage,  virtualization  raises  danger  of  overusing 
resources. 
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Dear  Valued  Customer, 


We  are  very  excited  to  be  joining  forces  with  Foundry  Networks  to  provide  you  and  the  industry  with  a  broad 
range  of  the  highest-performance,  most  reliable  networking  solutions,  from  the  Internet  to  the  data  center. 

As  an  important  part  of  this  recent  announcement,  we  want  to  assure  you  of  our  commitment  to  your 
infrastructure  investment  and  absolute  customer  satisfaction.  Upon  the  completion  of  the  acquisition,  we 
look  forward  to  continuing  to  provide  the  high  levels  of  innovation,  product  quality,  and  customer  service 
that  you  expect  and  rely  on. 

A  Commitment  to  Protecting  and  Extending  Your  Investment 

We  are  committed  to  continuing  to  deliver  and  invest  in  Foundry  products  and  solutions  following  the  closing 
of  the  acquisition.  As  part  of  this  ongoing  commitment,  we  will  provide  you  with  a  detailed  product  roadmap 
after  the  acquisition  closes.  You  can  also  count  on  the  combined  company  to  help  you  implement  and  support 
your  current  and  future  networking  projects,  allowing  you  to  maximize  the  value  of  your  Foundry  infrastructure. 

A  Commitment  to  Innovative  Engineering  and  Technical  Leadership 

Foundry  customers  know  that  better  engineering  equates  to  a  better  network.  We  are  committed  to  the 
retention  and  continued  development  of  the  Foundry  engineering  teams  that  have  consistently  delivered 
industry-leading  solutions,  from  the  enterprise  edge  to  the  service  provider  core.  We  believe  this  represents 
a  giant  leap  forward.  And  we  look  forward  to  continuing  to  create  solutions  that  enable  next-generation, 
high-performance,  end-to-end  networks  to  come  to  life. 


A  Commitment  to  Superior  Technical  Support  and  Customer  Satisfaction 

Brocade  and  Foundry  share  many  core  values,  and,  for  both  companies,  customer  satisfaction  is  our  top 
priority.  We  will  continue  to  focus  on  satisfying  the  technical  and  business  needs  that  are  mission-critical 
to  your  success,  including  a  promise  to  deliver  best-in-class  technical  support,  and  to  honor  all  existing 
contractual  service  and  support  commitments. 

Brocade  and  Foundry  will  continue  to  operate  as  independent  companies  until  after  the  transaction  closes. 
We  value  your  input  on  how  to  best  serve  your  needs  today  and  in  the  future.  Please  do  not  hesitate  to  work 
with  your  respective  Brocade  or  Foundry  sales  representative  regarding  any  questions  you  might  have  or 
any  additional  feedback  you  would  like  to  provide. 

I  hope  that  you  are  as  excited  about  the  future  as  we  are.  We  very  much  look  forward  to  being  your  high- 
performance  partner  for  your  important  networking  needs. 

Thank  you  and  best, 

Michael  Klayko 
Chief  Executive  Officer 
Brocade 


BROCADE 


If  you  would  like  more  information  about  the  acquisition,  please  see  Brocade  or  Foundry’s  website  at  www.brocade.com/convergednetworks  or  www.foundrynet.com/ 
convergednetworks,  or  the  respective  company's  SEC  filings  at  www.sec.gov 

©  2003  Brocade  Communications  Systems,  Inc.  All  rights  reserved.  Brocade  is  a  registered  trademark,  and  the  8-wing  symbol  is  a  trademark  of  Brocade  Communications  Systems,  Inc. 


MAXAttach  IP 

Superior  SIP-based  VoIP 
Conferencing  Solutions 


'Z  Better  audio  performance 
S  Better  room  coverge 
S  Better  price 


Visit  www.clearone.com/listen 
to  hear  the  difference. 


‘White  space'  spectrum 
debate  to  get  hotter 

BY  BRAD  REED 

Over  the  next  few  weeks,  the  Federal  Communications  Commission  is 
expected  to  make  a  decision  that  could  completely  change  the  mobile- 
broadband  landscape  in  the  United  States  for  years  to  come. 

This  summer,  the  FCC  and  several  wireless  carriers  and  device  manu¬ 
facturers  have  been  testing  devices  that  operate  on  television  “white 
spaces,”  or  pieces  of  unlicensed  spectrum  currently  unused  by  televi¬ 
sion  stations  on  the  VHF  and  UHF  frequency  bands.  Internet  compa¬ 
nies, such  as  Google,  and  device  manufacturers, such  as  Motorola,  have 
been  pushing  for  the  FCC  to  open  up  the  spectrum  for  unlicensed  use, 
arguing  it  would  help  bring  mobile  broadband  to  underserved  regions 
and  would  help  close  the  so-called  “digital  divide”  between  many 
urban  and  rural  areas  in  the  United  States. 

The  companies  have  met  staunch  opposition  from  the  National 
Association  of  Broadcasters  (NAB), which  doesn’t  want  mobile  Internet 
devices  operating  on  unlicensed  spectrum  clashing  with  broadcasts  on 
nearby  frequencies.  Past  FCC  tests  on  white-space  devices  have  lent  cre¬ 
dence  to  the  broadcasters’  concerns,  because  some  devices  were 
found  to  interfere  with  other  broadcasts  and  were  unable  to  detect  con¬ 
sistently  or  accurately  the  presence  of  otherTV  or  wireless  microphone 
signals. 

Additionally  telecom  giant  Verizon  recently  indicated  it  also  opposes 
opening  up  the  unlicensed  spectrum  for  device  use,  asserting  that  the 
company  has  been  unimpressed  with  the  white-space  device  tests  so 
far  and  that  it  “generally  . . .  favored  licensed  spectrum”  for  wireless 
devices. 

The  issues  that  have  to  be  resolved 

Both  sides  in  the  white-space  debate  have  clear  and  understandable 
economic  motives.  On  the  “pro”  side,  such  tech  companies  as  Google 
and  Microsoft  have  a  clear  vested  interest  in  spreading  the  mobile  Web 
to  as  many  people  as  possible,  because  expansion  will  generate  more 
revenue  for  their  search  engine  and  Windows  Mobile  platforms,  respec¬ 
tively  Similarly,  laptop  and  smart-phone  manufacturers, such  as  Dell  and 
Motorola,  want  to  sell  more  devices  to  more  people;  and  being  able  to 
use  mobile  devices  on  unlicensed  spectrum  will  open  up  a  new  market. 

Lining  up  against  using  white-space  spectrum  are  broadcasters  that 
want  to  protect  the  quality  of  their  broadcasts  on  licensed  spectrum  by 
eliminating  any  and  all  potential  sources  of  interference.  Kelly  Williams, 
the  senior  director  of  engineering  and  technology  policy  for  the  NAB, 
staked  out  an  inflexible  position  at  a  Wireless  Communications 
Association  meeting  earlier  this  year,  saying  any  mobile-device  use  of 
white  spaces  was  unacceptable  and  no  amount  of  testing  by  the  FCC 
could  change  his  mind. 

Specifically,  Williams  said  it  would  be  impossible  for  the  FCC  to 
approve  using  unlicensed  portable  devices  on  white  spaces,  because 
doing  so  inevitably  would  interfere  with  the  rights  of  licensed  spectrum 
holders.“We  don’t  like  transmitters  that  move  around,”  he  said. “I  don’t 
see  how  a  truly  personal  and  portable  device  can  actually  work  on 
those  white  spaces  because  it  would  need  to  know  at  all  times  just  how 
far  away  it  is  from  a  consumer’s  TV  set,  and  also  what  channel  that  TV 
is  set  to.  It  can  never  know  that.” 

Tech  companies  have  been  trying  to  work  around  this  problem  by 
creating  devices  that  can  detect  rival  signals  in  the  area  and  automati¬ 
cally  shut  down  when  they  begin  interfering  with  licensed  spectrum 
already  in  use.  Thus,  for  instance,  a  Bluetooth  handset  operating  unli¬ 
censed  on  white  spaces  might  flip  off  automatically  if  it  came  close  to 
a  working  television.  However,  there  has  been  a  growing  realization 
among  white-space  device-use  proponents  that  adding  sensing  abilities 
to  devices  by  itself  won’t  cut  it,  because  the  FCC’s  tests  found  that 
devicesensing  capabilities  were  poor  at  detecting  such  devices  as  wire 
less  microphones  that  also  use  unlicensed  frequencies. 

Motorola  has  started  working  on  a  solution  to  this  problem,  testing  its 

See  Spectrum,  page  35 
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Open  source  looks  to  shake  off  security  concerns 


BY  ELLEN  MESSMER 

Although  open  source  software  has  gained  a  place  in  enterprise  net¬ 
works  alongside  proprietary  software,  it  can’t  seem  to  shake  the  doubts 
about  security  and  intellectual-property  issues  that  have  long  dogged 
the  movement. 

“The  advantage  of  open  source  is  that  no  single  entity  has  authorita¬ 
tive  control  over  a  project,”  says  Mark  Driver,  an  analyst  at  Gartner. 
“There’s  no  single  choke  point.”  One  theory  holds  that  because  it’s  open 
source,  software-security  problems  can  be  discovered  quickly,  he  says. 
“But  one  argument  says  open  source  is  less  secure  and  people  can  put 
bad  things  in  it,  and  that’s  true,  too,”  he  adds. 

Whatever  the  doubts,  the  open  source  movement,  now  counting  in 
the  tens  of  thousands  of  “communities”  of  volunteer  software  devel¬ 
opers,  is  coding  en  masse  to  yield  a  bounty  of  operating  systems  and 
applications. 

Open  source  software  components  are  being  worked  into  commer¬ 
cial  software  through  such  tools  as  Eclipse  and  NetBeans.  Gartner  esti¬ 
mates  that  by  2013,80%  or  more  of  commercial  software  in  production 
will  have  elements  of  open  source. 

The  trend  today  is  for  IT  managers  in  business  and  government  to  try 
to  assess  each  open  source  software  project  by  the  company  it  keeps, 
critically  viewing  the  maturity  of  each  community  in  maintaining  its 
code  base  by  adding  extensions  or  fixing  bugs.  If  such  established  ven¬ 
dors  as  IBM,  Red  Hat  and  HP  are  involved  in  supporting  the  software, 
that’s  usually  seen  as  a  plus. 

The  most  ambitious  open  source  adopters  for  business  use  still  tend 
to  be  the  “technology  aggressive,”  Driver  says,  because  they  have  an 
internal  R&D  team  that  can  support  open  source,  or  they  will  hire  sup¬ 
port  from  vendors. 

So  what  more-pressing  security  and  intellectual-property  implications 
remain?  One  question  is  how  security  vulnerabilities  are  discovered 
and  fixed. There  is  often  a  different  methodology  at  work  than  can  be 


found  with  closed-source,  proprietary  software  vendors. 

Microsoft  —  once  close-minded,  wary  and  stubborn  about  accepting 
advice  from  outsiders  about  discovered  security  flaws  in  its  products  — 
has  gradually  opened  up  over  the  years  to  establish  clear  lines  of  con¬ 
tact  with  security  experts  to  discreetly  share  critical  information  about 
vulnerabilities  they  discover. 

Microsoft’s  latest  effort  in  this  area,  unveiled  this  month,  draws  security 
vendors  even  closer  to  the  Redmond  giant,  promising  a  select  group  of 
them  access  to  vulnerability  data  well  in  advance  of  Microsoft’s  month¬ 
ly  security  advisories  so  their  software-remediation  products  can  be 
ready  at  the  moment  of  Microsoft’s  public  notifications.  Microsoft  says 
it’s  doing  this  to  thwart  hackers  exploiting  vulnerability  information  to 
design  zero-day  attacks. 

In  contrast,  the  open  source  communities  often  fail  to  have  clear  lines 
of  communication  with  outsiders  who  may  be  security  experts,  whom 
they  tend  to  distrust.  In  any  event,  keeping  secrets  goes  against  the  grain 
of  the  open  source  spirit  for  many 

“The  open  source  software  development  model  is  so  different,”  says 
Stormy  Peters,  executive  director  of  the  GNOME  Foundation,  which 
makes  the  open  source  desktop  application  for  Linux  distributed  by 
many  vendors,  including  Novell  and  Red  Hat.  “Expecting  there  to  be 
security  services  or  a  contact  for  a  particular  project  is  not  likely  to  hap¬ 
pen  in  open  source,  but  usually  there  is  a  mailing  list.” 

That  mailing  list  is  usually  open,  as  are  any  bug-tracking  systems. 
“Whenever  the  problem  is  fixed,  we  issue  a  patch,”  Peters  says  about 
GNOME,  saying  that  responsibility  usually  falls  on  whoever  has  “com¬ 
mit  access,”  the  right  to  check  in  changed  code. 

Open  source  is  a  “meritocracy’  Peters  says,  and  though  a  community 
feels  most  comfortable  with  its  own,  “there’s  definitely  a  way  for  out¬ 
siders  to  interact  with  the  group,  as  long  as  you  look  credible.” 

Peters,  who  also  works  at  consulting  firm  OpenLogic  —  which  plays 

See  Open  source,  page  47 
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Virtual  system  makes  house  calls 

Voice-activated  system  extends  healthcare  to  patients’  homes 


BY  ANN  BEDNARZ 

Four  months  go  by  on  average,  between  scheduled  checkups  for 
patients  with  chronic  diseases  such  as  diabetes,  obesity  and  hyper¬ 
tension.  A  lot  can  happen  between  visits,  and  researchers  at  Boston 
Medical  Center  are  pioneering  ways  to  stay  virtually  connected  with 
patients  so  that  healthcare  issues  can  be  addressed  without  delay 


The  goal  is  to  provide  guidance  and  infor¬ 
mation  when  patients  need  it,  during  their 
daily  lives  and  not  just  during  scheduled  doc¬ 
tor  visits,  says  Robert  Friedman,  a  physician 
and  head  of  a  team  at  Boston  Medical  Center 
that’s  developing  telephone-based  systems  for 
delivering  virtual  care. 

“What  we’re  trying  to  do  is  catch  problems 
earlier  and  then  facilitate  physicians  and  other 
health  professionals  to  do  something  earlier” 
says  Friedman,  who  is  chief  of  the  Medical 
Information  Systems  Unit  at  Boston  Medical 
Center.  “We’re  also  educating  people  how  to 
take  care  of  themselves,  encouraging  them, 
monitoring  what  they  do,  and  counseling 
them.  There’s  a  psychological  and  behavioral 
intervention  component  to  it,  too.” 

Using  speech  recognition  and  interactive 
voice  response  (IVR)  technologies,  Friedman 
and  his  team  have  developed  automated  appli¬ 
cations  that  screen  patients  by  emulating  what 
a  healthcare  professional  might  do. 

Patients  dial  the  systems  from  their  homes,  or 
the  systems  make  outbound  calls  (particularly 
if  someone  misses  a  virtual  appointment). 
They’re  prompted  to  input  information, such  as 
blood  pressure  or  weight,  using  speech  or  key¬ 
pads.  They’re  also  asked  questions  such  as 
whether  they  are  exercising,  sticking  to  a  diet 
and  taking  medication  regularly 

The  system  analyzes  the  data  and  provides 
patients  with  feedback  and  coaching,  using  dig¬ 
itized  human  speech  or  text-to-speech  genera¬ 
tors.  It  also  alerts  appropriate  parties  if  there  are 
signs  of  trouble  or  indications  that  someone’s 
healthcare  regimen  needs  to  be  modified. 

“It’s  in  real  time,  so  someone  is  on  the 
phone,  taking  their  blood  pressure  or  answer¬ 
ing  a  question,  and  that’s  being  reported  to 
physicians  or  clinicians  electronically”  Fried¬ 
man  says. 

Most  recently  Boston  Medical  Center  went 
live  with  a  system  that  targets  people  at  risk  of 
substance  abuse  problems.  Developed  for  the 
Massachusetts  Department  of  Health,  the  appli¬ 
cation  uses  data  from  medical  practices  to 
screen  primary  care  patients  for  undiagnosed 
substance  abuse  problems. 

The  system  is  capable  of  reaching  thousands 


of  people  every  week  —  which  would  be  pro¬ 
hibitively  expensive  for  healthcare  providers  to 
do  in-person.“Early  detection  is  critical  for  peo¬ 
ple  in  the  beginning  phases  of  addiction.  With 
the  voice-activated  system,  we  can  get  to  them 
right  awa>f  says  Amy  Rubin,  a  clinical  psychol¬ 
ogist  and  member  of  the  Boston  Medical 
Center  development  team. 

New  delivery  models 

The  idea  of  using  telephone  systems  to  de¬ 
liver  healthcare  to  people  in  their  homes  is  not 
new.  Friedman,  for  instance,  has  spent  25  years 
working  on  increasingly  advanced  systems  for 
delivering  virtual  care. 

What’s  most  different  between  Friedman’s 
early  applications  and  those  he’s  creating  today 


Virtual  visits 


is  the  use  of  a  commercial  platform  for  devel¬ 
oping,  deploying  and  managing  applications. 

Boston  Medical  Center  uses  the  Envox 
Communications  Development  Platform  7, 
which  combines  a  programming  environment 
for  developing  applications  with  a  VoiceXML 
gateway  and  run-time  environment.  Man¬ 
agement  and  administration  tools  round  out 
the  platform. 

On  the  telephony  front,  the  Envox  system  per¬ 
forms  tasks  such  as  answering  and  placing 
calls,  planning  menus,  executing  options,  and 
monitoring  or  recording  calls.  It’s  tied  to  a 
Nuance  Communications  platform  for  speech 
recognition,  and  it’s  also  integrated  with  some 
of  the  medical  center’s  patient  systems.The  soft¬ 
ware-based  Envox  7  platform  can  be  deployed 
on  standard  Windows  servers,  and  it  adheres  to 
standards  including  Session  Initiation  Protocol, 
H.323,  CCXML  and  VoiceXML. 

For  Friedman, shifting  from  proprietary  home¬ 
grown  systems  to  a  standards-based  platform 
has  enabled  him  and  his  team  to  build  and 
deploy  applications  more  quickly“We  built  the 
first  IVR  system  we  used,”  he  recalls.“But  trying 
to  build  your  own  IVR  system,  maintain  it  and 
improve  it  is  a  whole  business  in  itself.”  ■ 


Boston  Medical  Center  uses  speech  recognition  and  interactive  voice  response 
technologies  to  stay  in  touch  with  patients  between  scheduled  appointments. 


D  The  patient  dials  the  system  and  inputs  requested  information,  such  as  weight, 
blood  pressure  and  medication  status. 

B  The  system  analyzes  the  data  based  on  the  patient’s  history  and  accepted 
medical  thresholds,  and  provides  the  patient  with  feedback  and  coaching. 

B  Alerts  are  sent  to  medical  staff  if  there  are  signs  of  trouble  or  indications  that 
the  patient’s  healthcare  regimen  needs  to  be  adjusted. 

□  Emergency  personnel  are  notified  if  a  situation  is  critical. 
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Virtual  connections  keep  you  ready  for  virtually  anything 
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A  terminal  delay  in  enhanced  advertising? 


This  cannot  be  a  comfortable  time  for  the 
venture  capitalists  who  invested  in 
NebuAd,  an  advertising  service  that  tracks 
users’ Web  activities.  Overwhelmingly  negative 
attention  by  the  press  and  a  congressional 
committee  are  not  the  way  for  a  company  that 
has  depended  on  having  a  low  profile  to  have 
an  assured  future. 

Over  the  course  of  the  last  few  months, 
NebuAd  has  become,  perhaps  somewhat 
unfairly,  the  poster  child  for  greedy  ISPs  and 
privacy  invasion;  and  this  attention  seems  to 
have  dried  up  its  already  small  pool  of  tone-deaf  ISPs  that  were  try¬ 
ing  out  the  technology. 

I  wrote  about  NebuAd  more  than  a  year  ago  (www.nwdocfind 
er.com/6321). 

After  talking  to  the  company ,  I  concluded  it  was  trying  to  be  responsi¬ 
ble,  but  I  still  did  not  much  like  what  it  was  doing.  1  particularly  did  not 
like  its  ineffectual,  cookie-based  opt-out  mechanism;  and  although  I  did 
not  say  it  at  the  time,  I’m  not  sure  that  the  data  the  company  collects  is 
as  anonymous  as  it  maintains.  NebuAd  says  it  does  not  collect  detailed 
information  about  Internet  activity  but  only  notes  rough  categories  of 
visited  sites  and  hashes  the  IP  address  before  it  stores  that  data. 

I  expect,  however,  that  if  NebuAd  were  supplied  with  an  IP  address,  it 
could  tell  you  the  categories  of  sites  that  the  computer  with  that  IP 
address  visited.  Not  a  big  risk,  but  a  privacy  issue  in  any  case. 

NebuAd’s  activities  have  been  the  subject  of  congressional  hearings 
and  a  lot  of  posturing  by  politicians.  I  expect  that  its  CEO  does  not 
have  warm  feelings  for  Washington,  D.C.,  these  days.  As  part  of  one  of 
these  hearings,  the  House  Committee  on  Energy  and  Commerce 
asked  33  ISPs  and  other  Internet  companies  to  respond  to  a  series  of 
questions  about  their  use  of  technology  like  NebuAd’s.The  commit¬ 


tee  received  31  real  responses  and  one  plea  for  more  time. 

Some  of  these  responses  are  quite  interesting.  No  one  admits  to  be 
using  NebuAd,  but  a  couple  of  ISPs  said  they  had  run  trials  that  they 
stopped  after  they  saw  the  adverse  publicity  about  the  idea  and  ven¬ 
dor.  Most  ISPs  said  they  did  not  use  anything  like  NebuAd  and  had  no 
plans  to,  but  quite  a  few  hedged  their  bets  a  bit,  maybe  to  preserve 
their  options. The  response  that  was  most  to  the  point  came  from 
Frontier  Communications,  whose  one-paragraph  letter  basically  said, 
“Frontier  does  not  and  cannot  do  this  kind  of  thing,  so  the  answers  to 
your  questions  are  ‘no’  or ‘not  applicable.’” 

The  ISPs  that  had  tested  NebuAd  said  it  was  “advanced  advertising” 
that  would  “help  improve  your  favorite  websites  by  showing  ads  that 
are  relevant  to  you,  and  reduce  clutter? 

They  also  pointed  to  NebuAd’s  poor  opt-out  process.  NebuAd  re¬ 
cently  said  it  was  going  to  come  up  with  a  non-cookie-based  opt-out 
mechanism  but  if  the  company  actually  believed  that  it  provided 
value  to  the  customer,  it  would  switch  to  opt-in. 

The  most  interesting  response  was  from  AT&T.  It  basically  said  it  did 
not  use  this  kind  of  technology  but  that  such  technology  “could  prove 
quite  valuable  to  consumers  and  could  dramatically  improve  their 
online  experience.” 

I  bet  AT&T  does  not  believe  this  enough  to  use  opt-in,  however.  AT&T 
also  said  that  Google  was  far  worse  than  anything  that  NebuAd-like 
technologies  could  do. The  carrier  is  not  wrong,  but  claiming  to  be 
good  by  not  being  as  bad  as  the  other  guy  does  not  make  me  feel 
warm  and  fuzzy 

Disclaimer:  Places  like  Harvard  are  not  supposed  to  make  you  feel 
warm  and  fuzzy  at  least  intellectually,  but  the  university  has  expressed 
no  opinion  on  NebuAd  or  AT&T,  so  the  above  view  is  mine. 

Bradner  is  Harvard  University’s  technology  security  officer.  He  can  be 
reached  at  sob@sobco.com. 


Online  profiling:  DPI’s  bad,  data  mining’s  worse 


Congress  recently  issued  a  request  to  carri¬ 
ers,  telecom  providers  and  ISPs  to  explain 
exactly  how,  and  under  what  circum¬ 
stances,  they’re  inspecting  user  online  content. 
Specifically,  they’re  concerned  about  deep 
packet  inspection  —  a  generic  name  for  tech¬ 
nologies  that  enable  service  providers  to  cap¬ 
ture  and  inspect  packet  flows. 

Apparently  the  folks  in  Washington,  D.C., 
have  short  memories.  Back  in  1994,  Congress 
passed  the  Communications  Assistance  for  Law 
Enforcement  Act,  which  mandates  that  carriers 
be  able  to  capture  and  inspect  packet  flows 
(and  forward  them  to  law  enforcement  agencies)  —  which  pretty 
much  requires  DPI. 

But  that’s  not  all.  As  AT&T  points  out  in  its  response  to  the 
Congressional  request,  if  the  real  concern  is  tracking  online  behavior, 
DPI  is  a  red  herring.  Search  and  application  vendors,  such  as  Google, 
regularly  scan  user  content  and  use  data-mining  techniques  to  build 
online  profiles  of  users. 

Specifically,  Google  routinely  searches  through  e-mails  sent  or 
received  within  Gmail  to  enable  it  to  provide  “customized  content  and 
advertising.”These  e-mail  scans  also  are  cross-correlated  with  Web 
searches.  For  example,  Google  may  note  that  1  mentioned  plans  for  a 
trail  hike  in  an  e-mail  to  a  friend,  then  conducted  a  Web  search  hours 
later  for  “trail  shoes.” 

There  are  two  key  points  here.  First  is  that  if  the  feds  think  DPI  is  a 
bad  idea,  they  shouldn’t  have  written  laws  that  essentially  require  it. 
Second,  if  you  think  DPI  is  bad  —  data  mining  is  plenty  worse.  As 


noted  above,  Google  and  others  today  are  scanning  e-mails  on  a  regu¬ 
lar  basis  —  something  carriers  don’t  do. 

In  short,  if  you  hate  DPI,  you  should  despise  data  mining. 

Weirdly  enough,  however,  the  same  folks  who  castigate  carriers 
for  DPI  often  defend  search  engines  and  application  vendors  for 
data  mining. Their  most  common  defense  is  that  search  engines 
are  “opt-in.” 

Sorry  guys,  that’s  bogus.  All  content  stored  on  Google’s  site  is 
scanned. That  includes  mail  to  a  Gmail  account  —  even  if  the  sender 
didn’t  realize  it  was  being  delivered. 

As  the  good  folks  at  the  Electronic  Privacy  Information  Center 
note:  “Non-subscribers  who  are  e-mailing  a  Gmail  user  have  not 
consented,  and  indeed  may  not  even  be  aware  that  their  commu¬ 
nications  are  being  analyzed  or  that  a  profile  may  being  compiled 
on  him  or  her.” 

Moreover,  many  cash-strapped  organizations,  such  as  schools 
and  universities,  are  planning  to  outsource  their  e-mail  to  Google, 
thereby  requiring  students  to  hold  Gmail  accounts.  No  opt-out 
options  available. 

The  bottom  line?  The  United  States  sorely  needs  a  privacy  policy 
that  will  articulate  what  service  providers  can  and  can’t  do  with  user 
data  —  and  under  what  circumstances.That  policy  should  apply  to 
search  and  applications  vendors,  as  well  as  telcos  and  ISPs.  And  it 
shouldn’t  contain  contradictions,  such  as  disallowing  and  requiring 
DPI  simultaneously. 

Johnson  is  president  and  senior  founding  partner  at  Nemertes 
Research,  a  leading  independent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 
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Introducing  the  Wi-Jack  Duo7  the  world's  smallest, 
thinnest  802.11  a/b/g  wireless  access  point.  Its 
centrally  managed  thin  AP  technology  means  better 
security  and  easier  management.  The  sleek  design 
fits  unobtrusively  into  a  standard  wall  box  and 
supports  an  optional  network  port.  Thin  is  in  for  higher 
performance  in  wireless  network  performance. 


Get  the  story  on  why  the  Wi-Jack  Duo  is  the  perfect 
wireless  solution  by  calling  800-934-5432  or  visiting 

www.ortronics.com/wi-jack 
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The  road  to  virtualization  now 


lnfraStru/\ure* 


DATA  CENTERS  ON  DEMAND 
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Design  Engineer, 

(PE)  and  Data  Center  Design  Services 

Sun's  Workplace  Resources 

Global  Lab  &  Data  Center  Design  Services  Team  (GDS) 

(from  right  to  left!  Bret  Rucker,  Ramesh  KV,  Dean  Nelson, 

Petr  Vlasaty,  Serena  Devito,  Mike  Ryan  &  Brian  Day 


"Our  innovative  cooling  approach  at  both  the 
rack  and  room  level  enables  us  to  quickly 
and  simply  grow  our  data  center  spaces 
as  needed  using  a  modular  approach. 

Instead  of  trying  to  reassess 
the  entire  room  and  figure  out 
where  the  best  location  is  for 
a  rack,  the  InfraStruXure  can 
actually  adapt  to  where  the 
user  wants  to  put  the  rack." 


1  Rack  enclosures  that  are  HD-Ready 

Start  with  vendor  neutral  NetShelter®  SX  racks,  engineered  to  handle 
the  airflow  and  power  needs  of  power-hungry,  high-density  servers. 


You  can  deploy  High-Density 
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Metered  PDUs  at  the  rack  level 

Install  metered  rack  PDUs  to  indicate  which  racks  and  outlets  have  capacity  for  new  HD  servers. . . 
and  which  ones  don't. 

Temperature  monitoring  in  the  racks 

Add  local  or  remote  monitoring  of  temperature  and  humidity  where  it  counts-in  your  enclosures. 

Centralized  monitoring  software 

Monitor  all  power,  cooling,  security,  and  environments  from  one  management  system  using  real-time 
data  at  the  row,  rack,  and  U-level. 

Operations  software  with  predictive  capacity  management 

Conventional  operations  software  simply  manages  inventory  fluctuations  and  configuration  changes. 
Our  capacity  management  software  does  this  and  more-simulating  and  predicting  the  true  impact 
a  new  server  or  other  equipment  will  have  on  your  power  and  cooling  infrastructure.  Only  through 
predictive  simulation  can  you  avoid  overloading  circuits  and 
generating  hot  spots. 

Efficient  InRow  cooling  products 

Innovative,  responsive  variable  speed  fans  optimize  efficiency 
by  closely  matching  performance  to  your  variable  cooling  needs. 

UPS  power  that  is  flexible  and  scalable 

Respond  quickly  and  efficiently,  without  wasteful  oversizing,  as  UPS  power  demand  grows.  Depending 
on  your  needs,  choose  a  scalable  row,  in-room,  or  back  room  UPS  solution. 


APC's 

Capacity  Manager 

has  received  a 
2007  Data  Center 
Products  of  the  Year 
Gold  Award  from 
Searchdatacenter.com 


...overlay  an  InfraStruXure  zone 
into  an  existing  large  data  center... 


Running  a  large  data  center  facility  is  challenging  enough 
without  the  intense  pressures  on  power,  cooling  and  management 
caused  by  high-density  computing  and  exacerbated  by  virtualiza¬ 
tion.  The  flexible  InfraStruXure  architecture  allows  you  to  identify 
your  specific  areas  of  high-density  computing  and  "overlay"  the 
InfraStruXure  zone  -  no  matter  the  size  or  configuration.  Not  only  is 
InfraStruXure  compatible  with  all  leading  IT  brands,  but  also  with 
any  and  all  existing  power  and  cooling  architectures.  Neutralize 
and  manage  high-density  zones  in  your  existing  facility  that  would 
otherwise  be  too  hot  to  cool  with  perimeter-only  solutions. 


has  a  high  speed  lane. 


Efficiency  8  Virtualization 

Your  servers  are  efficient  but  is  your  power  and  cooling? 


COOLING 

Mi  USAGE/CAPACITY 


SERVERS 


POWER 

USAGE/CAPACITY 


Pre-Server  Virtualization 


Big  gains  could  be  made  with  both 
server  and  power  and  cooling. 


□  Correct  Server  Utilization  [“1 

□  Correct-sized  Power  I  I 

□  Correct-sized  Cooling  LJ 


Post-Server  Virtualization 


Grossly  oversized  power  and  cooling  cancels 
out  potential  gains  made  by  virtualizing. 


2f  Correct  Server  Utilization 

□  Correct-sized  Power 

□  Correct-sized  Cooling 


Server  Virtualization  with  Power  and  Cooling 


Right-sized  power  and  cooling  tip  the  balance  back  in  your  favor. 

$  Correct  Server  Utilization 
[Zf  Correct-sized  Power 
[Zf  Correct-sized  Coaling 


The  13,000  square  foot  APC  InfraStruXure'  Hot  Aisle  Containment 
compute  space  had  a  measured  Data  Center  Efficiency  DCiE  of  78%  (PUE  1.28) 


Cooling  with  Inflow"  leads  to  highest  efficiency... 

Gain  thermal  efficiency  with  our  InRow  cooling  products.  Closely  coupling 
the  AC  with  the  heat  source  reduces  the  distance  cold  air  must  travel 
(from  50  feet  down  to  5  feet),  prevents  hot  exhaust  air  from  mixing  with 
cool  air  in  the  room,  and  allows  more  targeted  precision  cooling. 


Virtualization  is  here  to  stay. 

And  it's  no  wonder,  since  it  saves  space,  reduces  power  consumption 
and  gives  the  flexibility  and  control  to  maximize  your  IT  resources.  But 
these  benefits  of  a  smaller  footprint  come  at  a  cost.  Virtualized  servers, 
even  at  50%  capacity,  require  special  attention  to  cooling,  no  matter  the 
size  of  the  zone,  system,  or  overall  data  center. 

1.  Heat  Server  consolidation  creates  higher  densities  per  rack.  This,  in  turn, 
generates  more  and  more  heat,  putting  your  equipment  and  overall  system 
at  risk  for  downtime  and  failure. 

2.  Inefficiency  Perimeter-only  cooling  solutions  just  can't  handle  the  heat 
at  its  source  in  the  racks  or  rows  where  higher  densities  exist.  As  a  result, 
you're  forced  to  compensate  by  over  cooling  at  high  energy  costs-with 
disappointing  results. 

3.  Power  Events  Virtual  loads  are  constantly  on  the  move,  making  it  hard  to 
predict  available  power  and  cooling.  One  tripped  breaker  could  mean 
serious  and  irreversible  damage  to  your  network. 

Removes  barriers  to  high-density,  for  good. 

Power  and  cooling  issues  driven  by  high-density  shouldn't  stop  you 
from  adopting  valuable  trends  like  virtualization.  This  is  why  APC  has 
created  the  HD-Ready  InfraStruXure  architecture.  As  a  stand-alone 
system  or  as  a  zone  within  your  existing  data  center,  InfraStruXure 
gets  you  to  the  next  level. 


■  a  a  .  Efficiency  Index:  According  to  the  Green  Grid,  efficiency  is 

■  •  ■  ■  based  on  the  relative  relationship  between  server  utilization 

^  •  J  ^  the  green  grid  and  the  overall  power  and  cooling  efficiency.  If  you  right-size 

one  without  the  other,  you  won't  realize  true  efficiency  gains. 

(HD)  racks  right  now... 


...or  deploy  InfraStruXure 
as  the  foundation  of  your 
entire  data  center  or  server  room. 


As  technology  shifts  toward  high-density,  forward-thinking  IT 
managers  are  laying  basic  HD  framework  in  place,  so  they  can 
respond  quickly  to  future  change.  InfraStruXure  is  a  simple  yet 
dynamic  drop-in  solution  that  can  be  quickly  scaled  up  to  higher 
density.  When  you're  ready,  go  from  low  to  high  density  by 
adding  enhanced  monitoring,  power  and  temperature  control, 
software  management,  and  higher  capacity  AC  units. 

If  you're  already  feeling  the  heat  from  high-density  driven  by 
virtualization,  the  InfraStruXure  HD-Ready  system's  row  based 
cooling  and  management  will  allow  you  to  handle  20kW  or 
more  per  rack  and  deliver  system-wide  visibility  and  control. 

The  standardized  architecture  lets  you  grow  modularly  over 
time,  or  virtualize  anywhere  and  anytime  you  need  to. 


Simple  to  design,  configure,  and  install,  HD-Ready  InfraStruXure 
architecture  lets  you  decide  when  and  where  to  handle  higher 
densities,  in  a  specific  zone  or  system-wide.  Now,  with  HD-Ready 
InfraStruXure,  you  can  get  cooling  into  the  virtualized  high-density  row, 
control  power  at  the  rack  level,  and  manage  the  system  through 
advanced  software  and  simulation,  which  alerts  you  to  potential 
threats  to  a  virtualized  environment. 

Take  the  right-sized  approach  to  true  efficiency. 

You're  virtualizing  to  reduce  overall  energy  consumption.  By  eliminat¬ 
ing  under-utilized  servers  (sometimes  at  a  7:1  ratio)  you  will  waste 
less  energy.  But  wait. . .  data  center  efficiency  depends  on  the  relative 
efficiencies  of  power,  cooling,  and  servers.  You  can't  right-size  one  and 
not  the  others.  If  you  do,  you've  just  left  your  efficiency  savings  on  the 
table  (See  "Efficiency  and  Virtualization"  to  the  left). 

To  right-size,  you  can  depend  on  the  efficient  and  modular  HD-Ready 
InfraStruXure.  Its  UPS  technology,  combined  with  our  one-of-a-kind 
row  based  cooling  technology  with  optional  hot  aisle  containment,  will 
neutralize  heat  at  the  source.  Your  equipment  will  be  safer  and  more 
efficient  running  closer  to  100%  capacity.  No  more  threats  to  equip¬ 
ment,  no  more  under-utilized,  oversized  power  and  cooling. 

Don't  agonize,  virtualize. 

What  are  you  waiting  for?  The  APC 
HD-Ready  InfraStruXure  architecture  is 
so  versatile,  anyone  can  virtualize,  any¬ 
time,  anywhere.  Just  drop  it  in  and  go.  by  Schneider  Electric 


Why  do  leading  companies  prefer  InfraStruXure  6  to  1  over  traditional 
data  center  designs?  Find  out  at  www.xcompatible.com 


(^Jnfra^^ 

The  following  have  been  tested  and  work 
best  with  InfraStruXure  Solutions... 

|p|  SQUARE  □ 

Square  D *  is  a  market-leading  global  brand 
I  of  Schneider  Electric  for  NEMA  type  electrical 

distribution  and  industrial  control  products. 

|  systems  and  services . 

|  lac# 

*  TAC  provides  building  environment  services 

|  for  indoor  climate,  security  and  energy  use.  via 

advanced  technology  to  end-users  and  property. 

D0LL 

Dell  is  a  global  systems  and  services  company 
|  offering  a  broad  range  of  product  categories 

including  desktop  computer  systems,  servers 
and  networking  products,  mobility  products, 
software  and  peripherals  and  enhanced 
|  services. 

Cisco,  the  leading  supplier  of 
networking  equipment  and 
network  management  for  the 
Internet,  recognizes  APC  as  a 
Cisco  Technology  Developer 
Program  partner  for  its 
InfraStruXure •  architecture. 

Microsoft 

APC  is  proud  to  be  recognized  as  a  supporter 
of  the  Microsoft  Technology  Centers  through¬ 
out  the  U.  S.  with  our  InfraStruXure  solution. 


PELOT 

Pelco  is  a  worldwide  leader  in  the  design, 
development  and  manufacturing  of  video 
security  systems. 


.  1 1 1  ■  1 1 1  > 
CISCO. 

PARTNER 


Technology 

Developer 


EMC? 


% 


SELECT 


APC  is  a  member  of  the  EMC 
Select  program  which  offers 
the  InfraStruXure  product  line 
to  complete  your  EMC 
Storage  Solution. 


~ -E3==  ALLIANCE 
PARTNER 

The  largest  computer  company  in  the  world, 

IBM  manufactures  and  sells  hardware  and 
software  and  offers  infrastructure  services, 
hosting  services,  and  consulting  services  in 
areas  ranging  from  mainframe  computers  to 
nanotechnology. 

♦ Sun 

microsystems 

Sun  Microsystems  develops  the  most  innovative 
products  and  services  that  power  the  network 
economy.  Guided  by  a  singular  vision  -  "The 
Network  is  the  Computer"  -  Sun  drives  network 
participation  through  shared  innovation,  commu¬ 
nity  development  and  open  source  leadership. 


Go  to  www.xcompatible.com  to  learn 
more  about  how  these  products  work 
with  InfraStmXure's  high-density 
solutions. 

Download  a  FREE  copy 
of  APC  White  Paper  #126: 

"An  Improved  Architecture  ~ 
for  High-Efficiency,  High-Density 
Data  Centers"  and  start  running 
more  efficiently  today! 

Visit  www.apc.com/pramo 
Enter  Key  Code  cfi61w 
Caii  888-289-APCC  x9614 
Fax  401-788-2797 


©2008  American  Power  Conversion  Corporation.  All  trademarks  are  owned  by  Schneider  Electric  Industries  S.A.S.,  American  Power  Conversion  Corporation  or  their  affiliated  companies. 

e-mail:  esupport@apc.com  •  132  Fairgrounds  Road.  West  Kingston,  Rl  02892  USA  998-1255 


NEWS  ANALYSIS 


RFID  proving  to  be  Rx  for  hospitals 

Wireless  technology  being  used  to  track  everything  from  drugs  to  doctors 


BY  JOHN  COX 

A  new  study  shows  hospitals  are  aggressive¬ 
ly  deploying  a  range  of  active  and  some  pas¬ 
sive  radio-frequency  identification  systems. 

The  payback  no  longer  is  simply  being  able 
to  find  medical  equipment,  including  wheel¬ 
chairs.  Increasingly,  wireless  identification  and 
location  data  is  being  used  to  streamline  and 
repair  a  range  of  healthcare  workflows  and 
business  processes. 

The  study  “Trends  in  RFID  2008”  is  based  on 
100  telephone  interviews  conducted  earlier 
this  year  with  IT  professionals  and  clinical  and 
nursing  directors  at  hospitals  with  typically 
300  or  more  beds.  It  was  carried  out  by  Greg 
Malkary,  founder  and  managing  director  of 
Spyglass  Consulting  Group,  a  market-intelli¬ 
gence  and  research  firm  in  California. 

A  previous  Spyglass  study  was  done  in  2005. 
Since  then,  the  number  of  RFID-based  appli¬ 
cations  has  tripled,  Malkary  found.“A  few  years 
ago,  they  were  trialing  [RFID]  technology  with 
a  few  hundred  objects  being  tracked,”  he  says. 
Now  there  are  large-scale  product  deploy¬ 
ments  rolling  out,  tracking  thousands  of 
objects  in  multiple  locations. 

Harrisburg  Hospital  in  Pennsylvania  de¬ 
ployed  a  patient-tracking  system  from  Peri- 
Optimum  for  surgical  patients,  then  expanded 
the  433MHz  wireless  infrastructure  from  Radi- 
anse  to  track  wheelchairs  and  a  wide  range  of 
portable  medical  gear.  By  the  end  of  2008,  the 
hospital  plans  to  have  nearly  10,000  wireless 
tags  deployed.  As  at  Harrisburg,  many  of  these 
applications  are  “active  RFID” —  with  a  radio 
embedded  in  a  tag  that’s  able  to  transmit  a  sig¬ 
nal  on  its  own. These  products  use  a  variety  of 
frequency  bands,  and  in  some  cases  are  Wi-Fi 
based.  Passive  RFID  tags  lack  a  radio:  When 
they  come  near  a  tag  reader,  the  reader’s  radio 
activates  the  tag,  which  reflects  some  of  the  sig¬ 
nal’s  energy  back  to  the  reader,  carrying  with  it 
the  tag’s  unique  ID  number. 

Early  applications,  such  as  infant-tracking 
systems,  are  giving  way  to  staff  tracking,  com¬ 
bined  with  time-motion  studies  to  optimize 
workflows  in  such  areas  as  radiology  and  sur¬ 
gical  departments. “You  can  see  where  people 
are  and  figure  out  how  they’re  spending  their 
time,”  Malkary  says.  The  2008  interviewees 
linked  RFID  data  to  quality-improvement  pro¬ 
grams,  such  as  Six  Sigma. 

One  notable  technology  shift  is  healthcare’s 
willingness  to  embrace  multiple  wireless  tech¬ 
nologies.  The  2005  Spyglass  study  found  that 
90%  of  respondents  were  unwilling  to  invest  in 
wireless  that  didn’t  use  their  existing  wireless 
LAN  (WLAN)  or  corporate  backbones.  “Today 
they  are  much  more  open  to  multiple  tech¬ 
nology  investments  to  get  increased  levels  of 
[location]  accuracy?’  Malkary  says. 


Percentage  of  healthcare 
organizations  investing  in 
RFID-based  solutions. 


Accuracy  varies.  Wi-Fi  location  systems  are 
accurate  enough  to  place  tagged  objects  or 
people  in  general  areas.  However,  some  appli¬ 
cations  need  more  precision  or  more  control, 
or  both:  to  determine  whether  high-value 
drugs  are  in  a  refrigerator,  for  example,  or 
whether  high-value  medical  equipment  is  in  a 
sterilization  room.  Using  proprietary  radios  in 
other  frequency  bands  or  passive  RFID  sys¬ 
tems  are  alternatives. 

One  example  is  a  project  from  the  University 


BY  JOHN  FONTANA 

Microsoft  last  week  said  it  would  spend  as 
much  as  another  $100  million  to  purchase  cer¬ 
tificates  it  will  distribute  to  users  who  can  cash 
them  in  for  support  on  their  Novell  SUSE 
Linux  Enterprise  Servers. 

The  investment,  which  will  come  on  Nov.  1,  is 
on  top  of  the  $240  million  Microsoft  agreed  in 
2006  to  spend  on  certificates  as  part  of  a  five 
year  business  and  technology  deal  with 
Novell  that  also  included  intellectual  property 
rights  protection. 

In  addition,  Microsoft  will  provide  materi¬ 
als, such  as  best  practices,  tips  and  tricks;  and 
online  training  to  help  users  migrate  from 
non-Novell  platforms  to  Novell’s  Linux  oper¬ 
ating  system. 

Microsoft  also  will  offer  migration  assis¬ 
tance,  including  some  help  that  will  carry  a 
fee. 

The  two  vendors  claim  the  $100  million 
investment  is  needed  to  meet  customer 
demand  to  integrate  Linux  and  Windows. 
However,  Novell  has  only  invoiced  $156  mil- 


of  Wisconsin-Madison  RFID  Lab,  which  has 
partnered  with  three  national  blood  centers  to 
use  RFID  to  manage  the  complete  blood-sup¬ 
ply  chain  for  blood  used  in  transfusions,  as 
well  as  associated  medications. The  goal  is  to 
improve  the  safety  efficiency  and  accuracy  of 
the  U.S.  blood  supply 

RFID  investments  still  tend  to  focus  on 
department-level  problems,  not  hospitalwide 
ones.  One  hospital  Malkary  covered  in  depth 
is  Christiana  Hospital  in  Newark,  Del.,  where 
the  emergency  department  has  76  treatment 
rooms  that  handle  more  than  100,000  patients 
yearly  The  problem  was  that  triage  nurses  were 
losing  track  of  where  patients  were  in  the  treat¬ 
ment  process  as  they  were  moved  among 
diagnostic  and  treatment  facilities.  The  result: 
The  overall  length  of  a  patient’s  stay  was  spik¬ 
ing  above  normal  levels,  and  about  4%  to  5% 
were  leaving  without  any  treatment  at  all. 

Christiana  Hospital  combined  a  tracking  sys¬ 
tem  from  Patient  Care  Technology  Systems 
with  an  infrared-sensor  network  for  locating 
hardware  assets  from  Venus  Technology  The 
Web-based  application  shows  tagged  patients, 
staff  and  various  medical  assets;  and  creates  a 
visual  workflow  for  patient  progress.  The  data 
is  filtered  through  various  subset  views  so 
departments  can  anticipate  and  manage  the 
number  of  patients  and  streamline  their 
progress.  With  accurate  data,  the  length  of 
patients’ stays  has  been  reduced.  ■ 


lion  of  Microsoft’s  original  $240  million  certifi¬ 
cate  purchase,  leaving  35%  of  the  funds  still 
unused. 

The  original  deal,  which  raised  the  ire  of 
the  open  source  community,  covered  the  dis¬ 
tribution  of  70,000  certificates  for  SUSE 
Linux  Enterprise  Server  maintenance  and 
support. 

“As  we  look  quarter  by  quarter  to  number  of 
customers  grow  and  our  expectation  is  we  are 
on  track  to  deliver  on  the  original  commit¬ 
ment,  and  we  feel  good  about  the  incremental 
investment  we  added,” said  Susan  Hauser,  gen¬ 
eral  manager  of  strategic  partnerships  and 
licensing  at  Microsoft. 

In  November  2006,  Microsoft  and  Novell 
unveiled  a  partnership  designed  to  make  it 
easier  for  companies  to  run,  integrate  and 
manage  Linux  and  Windows  in  their  environ¬ 
ments  while  steering  clear  of  patent  and  intel¬ 
lectual  property  concerns. 

An  agreement  by  Microsoft  not  to  assert 
patent  and  intellectual  property  rights  runs 
through  2012.  ■ 


Microsoft  invests  more  in  Novell 
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Roll  in  a  MCVINCOOL 

There  are  endless  ways  to  cool  things  down. 

But  not  all  of  them  make  the  most  sense  for  you. 

When  you  need  spot  cooling  for  servers,  telecom  rooms,  or  office  environments,  the  Office  Pro  Series  by  MovinCool  is  your  best 
solution.  Flexible,  cost-effective  and  fully  self-contained,  these  models  range  from  1  to  5  tons  of  cooling  and  run  off  115,  208, 
230  and  460  voltages.  The  Office  Pro  portable  air  conditioners  also  cool-down  to  65°F,  making  them  perfect  for  any  room  with 
heat-generating  equipment.  Why  run  thru  sprinklers  when  you  can  simply  roll  a  unit  in,  set  the  digital  temperature  controller  and 
walk  away. 


Office  Pro  Series 


MCVINCOOL. 

THE  #1  SPOT  COOLING  SOLUTION 

A  division  of  DENSO  Corporation 


©  # 

■  •A  % ' 


m 

CM!  2  Classic  and  Classic  Plus  Series 

To  learn  more  about 

our  complete  line  of  spot  air  conditioners 
visit  movincool.com  or  call 

800-264-9573 


©2008  DENSO  Sales  California,  Inc.  MovinCool  and  Office  Pro  are  registered  trademarks  of  DENSO  Corporation. 


KARMA  UP 


Today,  datacenters  consume  up  to  30  times  more  energy  per  square  foot  than  a  typical 
office.  Energy  costs  eat  30%-40%  of  operational  budgets.  And  energy  usage  is  expected  to 
double  in  five  years.  Is  there  an  answer?  There  is:  green  datacenter  and  IT  services  from 
IBM  that  help  you  implement  energy  conservation  policies  in  your  datacenter  and  measure, 
manage  and  report  on  real  results  against  those  plans.  Many  IBM  customers  have  doubled 
their  IT  capacity  while  others  have  reduced  energy  costs  by  40%  or  more.  A  greener  world 
starts  with  greener  business.  Greener  business  starts  with  IBM. 


logo, and  ibm.com  are  trademarks  of  International  Business  Machines  Corporation,  registered  in  many  |unsdictions  worldwide.  A  current  list  c  BM  trademarks  s  avn  thie  (>•  t’v 
^Web'at/  iCopyright  and. trademark  information"  at  www  ibm.com/legal/copytrade.shtml.  ©  2008  IBM  Corporation.  All  rights  reserved 


SYSTEMS.  SOFTWARE.  SERVICES.  FOR  A  GREENER  WORLD. 

Take  the  first  step  toward  a  greener  datacenter  at  ibm.com/green/services 


Virtualizing  network  security 


TECH  UPDATE 

An  inside  look  at  technologies  and  standards 


BY  JIM  FREEZE 

Enterprise  network  managers  are  looking  to  virtualize  more  data  cen¬ 
ter  resources,  but  they  hesitate  when  it  comes  to  security  They  want 
the  resource  sharing  and  hardware  consolidation  that  virtualization 
offers  but  aren’t  willing  to  risk  compromising  security 


So,  to  meet  security  demands  they  set  up 
racks  of  appliances  and  network  gear  (such  as 
load  balancers)  to  handle  firewall,  antivirus, 
antispam,  intrusion-detection/prevention  sys¬ 
tems,  content  filtering  and  other  security  tasks. 
As  network  traffic  grows  and  strains  the  sys¬ 
tems’  performance,  IT  meets  the  rising  demand 
by  adding  more  appliances,  load  balancers, 
switches  and  cabling,  as  well  as  redundant 
hardware  to  ensure  the  necessary  reliability 

The  resulting  appliance  sprawl  creates  a 
chaotic  architecture  that  is  increasingly  diffi¬ 
cult  and  expensive  to  manage  and  maintain, 
and  a  security  nightmare  waiting  to  happen. 

The  critical  requirements  for  enterprise 
security  are  superior  application  perform¬ 
ance,  ultra-low  latency,  massive  scalability, 
ultra-high  reliability  and  low  total  cost  of  own¬ 
ership  (TCO).  While  best-of-breed  appliance 
platforms  have  become  the  solution  of 
choice,  they  fail  to  deliver  massive  scalability. 
Sprawling  networks  of  hardware,  cables  and 
traffic-control  gear  provide  an  enterprise-size 
security  solution,  but  at  the  cost  of  complexity 

They  also  fail  to  meet  performance  require 
ments  in  the  form  of  low  latency  and  high  reli¬ 
ability,  and  TCO  goes  through  the  roof.  Unified 
threat  management  devices  unify  security 
applications  by  bringing  together  acquired 
technologies  into  a  single  solution,  but  users 
must  sacrifice  best-of-breed  choice  in  ex¬ 
change  for  ease  of  management,  a  risk  that 
large  enterprises  are  unwilling  to  accept. 

So,  what  is  the  alternative  to  appliance 
sprawl  and  low-end  unified  boxes?  An  ideal 
solution  would  deliver  key  operational,  techni¬ 
cal  and  economic  benefits,  including: 

•  Consolidation  of  appliance  computing 
resources  and  the  network  gear  required  to 
connect  them. 

•  Real  virtualization  capabilities  that  dra¬ 
matically  improve  resource  utilization. 

•  True  linear  scalability  enabling  efficient 
growth  for  existing  applications  as  well  as  the 
ability  to  add  new  ones. 

•  Support  for  multiple,  best-in-class  third-party 
applications  for  major  security  areas  including 
firewall,  IDS/IPS  and  content  gateways. 

•  Simplification  of  the  architecture  support¬ 
ing  multiple  security  services. 

•  Material  long-term  capital  and  operational 
savings. 


To  address  these  desired  benefits,  security 
technologies  are  being  integrated  into  plat¬ 
forms  that  enable  the  consolidation  and  virtu¬ 
alization  of  racks  of  appliances  and  multiple 
third-party  applications,  such  as  firewall, 
IDS/IPS,  antivirus/antispam,  content  checking 
and  URL  filtering.This  approach  makes  it  pos¬ 
sible  to  streamline  security  processes;  consoli¬ 
date  switches,  load  balancers  and  security 
appliances;  and  virtualize  the  delivery  of  mul¬ 
tiple  best-of-breed  security  applications. 

An  integrated  security  platform  can  be 
highly  scalable,  combining  specialized  appli¬ 
cation  processing  and  IP  network  blades  with 
a  high-throughput  backplane  and  a  hardened 
operating  system.  These  components  create  a 
sophisticated  yet  simplified  solution  that  con¬ 
solidates  the  appliances,  switches,  load  bal¬ 
ancers,  taps  and  port  mirrors  in  traditional  net¬ 
works  while  virtualizing  the  delivery  of  security 
applications.  Consolidation  reduces  capital 
expenditures  and  delivers  operational  savings. 

The  hardware 

One  of  the  primary  functions  of  an  integrated 
security  platform  is  highly  scalable  network 
processing  at  10-gigabit-plus  speeds. Thus,  such 
platforms  must  allow  for  the  scaling  of  IP  for¬ 
warding  capability  by  supporting  additional 
network  blades  as  needed.  Moreover,  these 
blades  must  also  serve  as  switching  and  load¬ 
balancing  centers  that  route  and  evenly  distrib¬ 
ute  network  flows  to  application  processors. 

Security  application  processing  is  provided 
by  a  second  type  of  blade,  which  provides 
single-blade,  multicore  processing  capabili¬ 
ties  that  replicate  the  computing  power  of 
special-purpose  security  appliances.The  pro¬ 
cessing  power  of  multiple  application  blades 
can  also  be  grouped  to  create  a  “virtual  ap¬ 
plication  processor”  that  enhances  perform¬ 
ance  and  redundancy. 

This  virtual  application  processor  scales 
linearly;  thus  two  blades  acting  as  one  virtual 
application  processor  have  twice  the  comput¬ 
ing  performance  as  one  blade.  Moreover,  traf¬ 
fic  flows  are  balanced  between  application 
blades  within  a  virtual  application  processor 
to  deliver  maximum  computing  efficiency. 
These  blades  also  are  hot-swappable  and 
quickly  adopt  the  configuration  of  any  failed 
blade  within  the  virtual  application  processor. 


Application  processors  have  priority  failover 
capability  can  be  configured  to  back  up  each 
other  and  can  switch  applications  based  on 
enterprise  priorities. 

The  final  processing  capability  in  integrated 
security  platforms  is  carried  out  by  the  control 
processing  blade,  which  constantly  manages 
and  monitors  every  one  of  the  platform’s  ele¬ 
ments  for  failures  and  performs  the  appropri¬ 
ate  system-level  self-healing  functions  for  ultra- 
high  reliability 

Integrated  security  platforms  deliver  the 
industry’s  most  advanced  high-availability  fea¬ 
tures  with  no  single  point  of  failure.  The  plat¬ 
form  architecture  provides  multiple  redundant 
data  paths,  dual  control  path  switch  fabrics, 
multiple  power  supplies  and  feeds,  and  redun¬ 
dant  network  and  control  processing  modules. 

The  sophisticated,  open  operating-system 
software  running  these  platforms  offers  the 
ability  to  logically  sequence  flows  from  one 
security  application  to  another.  This  lets  man¬ 
agers  get  the  benefits  of  security  “service 
chaining”  (such  as  traffic  flows  to  firewall  first 
and  then  an  IPS  device)  without  having  to 
build  the  appliance,  switching  and  load  bal¬ 
ancing  infrastructure  to  enable  it;  instead,  it’s 
all  done  via  software. 

Moreover,  it’s  done  in  a  way  that  lets  man¬ 
agers  choose  best-in-class  third-party  security 
applications  that  facilitate  implementation  of 
their  companies’  security  policies.  Additionally 
the  security  platform  operating  system  pro¬ 
vides  the  virtualization  capability  that  lets  secu¬ 
rity  applications  have  no  physical  representa¬ 
tion  on  applications  blades.  Instead,  the  oper¬ 
ating  system  creates  an  abstraction  that 
enables  applications  to  run  on  a  virtual  appli¬ 
cation  processor  that  is  a  collection  of  blades. 

Conclusion 

As  IT  management  looks  to  cut  costs  and 
ease  the  management  burden  of  increasingly 
complex  networks  while  complying  with  strin¬ 
gent  security  policies,  it  will  need  to  consider 
the  integrated  security  platforms.  These  plat¬ 
forms  deliver  unprecedented  levels  of  net¬ 
work  consolidation  and  scalability;  are  simple 
to  install,  integrate  and  operate;  and  deliver  on 
virtualization’s  promise  of  improved  infra¬ 
structure  and  asset  utilization. 

Together,  the  consolidation,  virtualization 
and  service  chaining  capabilities  of  these  plat¬ 
forms  reduce  appliance  sprawl;  efficiently  uti¬ 
lize  computing  and  network  resources;  and 
deliver  high  availability,  reliability  and  uncom¬ 
promising  performance. 

Freeze  is  the  chief  marketing  officer  for 
Crossbeam  Systems.  He  can  be  contacted  at 
jfreeze@crossbeamsys.  com. 
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Jott  outta  beta,  and  SliTaz  is  the  boss 


GEARHEAD 

Mark  Gibbs 


few  weeks  ago  I  wrote  about  Jott,  a  Web 
service  that  translates  speech  via  cell 
1  phones  to  text  lists,  e-mail  and  reminders 
(each  translated  message  is  called  a  “jott”).  Jott 
has  done  something  rare  among  online  start¬ 
ups  —  it  has  exited  beta  and  announced  it  is 
in  production! 

Allow  me  to  digress.  I  wonder  how  many  com¬ 
panies  have  graduated  from  beta  status  to  full 
release  over  the  last  year.  I  really  should  start  keeping  a  scorecard. 

Anyway,  along  with  its  graduation  from  beta,  Jott  has  announced 
pricing;  it’s  pretty  good. There  are  three  service  tiers:  Jott  Basic  (free), 
Jott  ($3.95  per  month)  and  Jott  Pro  ($12.95  per  month). 

All  levels  allow  for  unlimited  voice-to-text  and  reminders  and  access 
to  all  Jott  RSS  feeds.  Jott  Basic  and  Jott  provide  15  seconds  of  record¬ 
ing  per  jott,  while  Jott  Pro  allows  for  as  much  as  30  seconds.  All  but 
Jott  Basic  provide  hands-free  e-mail  and  text  messaging,  and  each 
level  provides  access  to  different  applications  for  interacting  with  Jott 
(all  support  the  iPhone;  only  the  paid  subscription  supports  Outlook, 
and  only  Jott  Pro  supports  BlackBerries). 

I’ve  been  getting  interesting  input  recently  Reader  Ben  Scott 
(Atlanta)  recommended  a  Linux  distro:  SliTaz.  He  wrote, “I  know  you 
love  cool  items.  Here  is  one  of  the  smallest,  fastest  X-capable  nix  out 
there.  It  is  a  multilanguage  project  —  French  and  English.  It  is  wafer- 
thin  and  way  cool.  Great  for  older  hardware  or  [kiosks]  .’’Thanks,  Ben. 

Despite  its  horrible  name,  SliTaz  (an  acronym  for  “Simple  Light 
Incredible  Temporary  Autonomous  Zone” —  yechhh)  isn’t  just  cool,  it’s 
way  cool. The  SliTaz  site  describes  the  project  as  “a  free  micro 
GNU/Linux  distro  using  BusyBox,  a  Linux  kernel  and  GNU  free  soft- 
ware.”TTie  project  staff  says  that  the  goal  of  SliTaz  was  to  get  a  distro  that 


could  run  completely  in  memory  and  supported  hard-disk  installation. 

SliTaz  boots  with  Syslinux.a  lightweight  bootloader,  and  “provides 
more  than  200  Linux  commands  [including]  the  LightTPD  Web  server, 
SQLite  database,  rescue  tools,  [Internet  Relay  Chat]  client,  SSH 
client/server  powered  by  Dropbear.X  window  system,  JWM  (Joe’s 
Window  Manager), gFTPGeany  [integrated  development  environ¬ 
ment]  ,  Mozilla  Firefox,  AlsaPlayer,  GParted,  a  sound-file  editor  and 
much  more.”  SliTaz  also  comes  with  a  hard-disk  installer,  a  CD  image¬ 
remastering  program  and  a  utility  that  installs  SliTaz  onto  a  USB  drive. 
All  this  is  designed  to  fit  in  an  ISO  image  of  less  than  30MB  that 
expands  to  around  80MB  on  installation! 

I  installed  SliTaz  from  the  ISO  in  a  virtual  machine  under  VMware 
Workstation  6.0.4;  and,  wow,  talk  about  fast  and  small.  SliTaz  will  easily 
run  in  128MB  of  RAM  and  can  be  shoehorned  into  running  in  as  little 
as  16MB!  And  it  boots  really  fast. 

Now,  try  this.  Go  to  Pendrivelinux.com  and  download  the  QEMU  PC 
hardware-emulator  installer. This  executable  is  actually  a  self-extracting 
archive.  When  you  run  it,  you  just  need  to  tell  the  installer  where  to 
unzip  the  contents. The  result  will  be  a  folder  named  QPU804. 

Copy  everything  from  this  folder  to  your  USB  drive,  then  add  to  that 
the  SliTaz  ISO  image. Voila!  You  now  have  a  portable,  virtualized  SliTaz 
installation  that  can  run  alongside  Windows  in  a  concurrent  virtual- 
machine  session.  In  fact,  the  QEMU  setup  can  execute  any  ISO  you 
put  on  the  drive. 

SliTaz  is  a  great  solution  for  a  portable  operating  system,  a  tremendous 
way  to  extend  the  life  of  older  machines  and  a  terrific  tool  set  for  recov¬ 
ering  sick  systems.  It  is,  as  my  son  and  his  friends  would  say“the  boss.” 

Gibbs  thinks  he’s  the  boss  in  Ventura,  Calif.Tell  him  if  you  know  other¬ 
wise  at  gearhead@gibbs.com. 


We’re  continuing  our  look 
at  some  devices  that  not 
only  connect  to  Wi-Fi  in 
unique  ways  but  also 
use  the  connection  to 
enhance  their  offerings. 

COOLTOOLS  The  scoop:  Dash  Ex- 
press,  by  Dash  Naviga¬ 
tion,  about  $300. 

What  it  is:  An  in-car  GPS  navigation  device,  the 
Dash  Express  offers  features  comparable  to  those 
of  other  stand-alone  systems,  including  turn-by¬ 
turn  driving  directions.  The  Dash  Express,  howev¬ 
er,  also  includes  a  wide-area  wireless  connection 
(through  arrangements  with  several  carriers;  to 
use  the  WAN,  users  must  pay  for  monthly  service) 
and  Wi-Fi,  which  creates  a  two-way  connection 
that  other  GPS  devices  don’t  have.That  allows  the 
Dash  unit  to  receive  map  and  software  updates 
more  quickly  than  can  other  devices,  which  rely 
on  the  user’s  connecting  the  GPS  unit  to  a  PC.In  addition, the  connection 
lets  Dash  provide  better  traffic  updates  —  the  device  connects  to  Dash 
servers,  and  they  can  relay  traffic  conditions  to  the  individual  unit  much 
faster  than  a  PC.  In  addition,  the  Dash  traffic  network  relies  on  informa¬ 
tion  from  other  Dash  users,  so  if  someone  a  few  miles  ahead  of  you  is  in 
a  traffic  jam,  that  data  can  be  sent  down  to  you  and  you  can  re-route. 

Why  it’s  cool:  The  easy-to-configure  Wi-Fi  connection  lets  the  device 
receive  updates  even  faster, so  software  can  download  while  your  car  is 
parked  in  the  driveway.  Adding  new  addresses  to  the  system  is  even 
cooler,  Dash  provides  an  Outlook  and  Web  browser  plug-in  that  lets  you 
highlight  any  address, then  send  that  address  directly  to  the  car.Through 


the  company’s  myDash  portal,  you  can  create 
customized  searches  that  get  sent  to  the  car.  For 
example,  I  sent  to  my  device  an  application  that 
showed  me  where  the  closest  Chick-Fil-A  restau¬ 
rants  were,  based  on  my  current  location. 

It’s  these  “DashApps”  that  make  the  Dash  more 
than  just  a  GPS  device.The  Dash  is  a  platform  that 
uses  two-way  Internet  connectivity  to  bring  more 
useful  features  to  the  device  than  just  the  ability  to 
get  you  from  Point  A  to  Point  B. 

Some  caveats:  While  the  new  features  excelled 
in  their  ability  to  add  more  to  the  GPS  device,  the 
basics  of  the  GPS  device  were  a  little  lacking. The 
voice  that  gives  directions,  in  particular,  was  much 
more  robotic  and  less  pleasant  to  listen  to  than 
the  voices  of  other  systems  I’ve  tested. 

One  final  note:  During  testing,  thieves  stole  the 
Dash  unit  from  my  car.  While  the  two-way  connec¬ 
tion  could  have  been  used  to  help  locate  the  de¬ 
vice,  Dash  officials  say  they  don’t  do  this  be¬ 
cause  of  privacy  issues  (all  traffic  data  is  collected  anonymously). Perhaps 
future  GPS  devices  that  use  two-way  communications  would  let  users  opt- 
in  to  a  tracking  feature,  so  if  their  device  gets  stolen,  police  could  track  it 
down  and  make  an  arrest.  Fortunately  Dash  could  use  the  connection  and 
“brick”  the  device,  that  is,  wipe  the  address  data  from  the  unit  and  disable 
the  GPS.  At  least  those  who  stole  the  unit  won’t  be  able  to  use  it  now. 

Grade:  ★★★★  (out  of  five) 

Shaw  can  be  reached  at  kshaw@nww.com.  New  Cool  Tools  videos 
every  Thursday  and  Twisted  Pair  podcast  every  Friday  at  www.network 
world.com. 


Gadgets  get  Wi-Fi  right  (Part  2) 


The  Dash  Express  GPS 

has  WAN  and  Wi-Fi  connectivity 
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Every  business  process  and  service  leaves  a  measurable  carbon  footprint.  So  how  do  you 
increase  control  and  visibility  of  those  processes  while  limiting  their  carbon  impact?  With 
IBM’s  Smart  SOA  approach.  It  helps  you  optimize  resources  and  break  inefficient,  siloed 
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Selective  suppression 

The  Approximate  Link  State  (XL)  algorithm  selectively  suppresses  updates 
about  router  status  in  open  shortest  path  first  (OSPF)  and  intermediate  system 
to  intermediate  system  (IS-IS)  networks  to  reduce  update  floods  and  make 
the  networks  operate  more  efficiently. 


D  Today,  if  Router  A  fails,  a  topology  update  floods  the  network.  With  XL,  when  Router  A  fails,  Router  B  is 


aware  of  it  and  sends  an  update  to  Router  G. 

Q  Router  C  would  update  Router  D  because  0  needs  to  know  a  path  it  might  use  is  blocked  by  the  failure, 
B  Router  C  would  not  update  Router  E  because  E's  knowing  of  the  outage  won't  affect  its  options, 


Algorithm 

continued  from  page  1 

phorically.we  tell  everyone  that  information 
in  networking.” 

To  deal  with  that  problem,  large  networks  are 
manually  engineered  to  create  areas  — con¬ 
ceptually  isolated  groups  of  routers — that  limit 
the  number  of  routers  any  flood  reaches. 
Routers  still  receive  floods,  but  only  from  the 
routers  within  their  areas. 

XL  can  eliminate  manual  configuration  of 
areas,  Savage  says.  Instead,  each  router  auto¬ 
matically  figures  out  to  which  other  routers  it 
should  pass  along  updates  so  all  destinations 
can  still  be  reached  and  loops  don’t  occur  that 
effectively  black-hole  packets. 

“I  think  it  makes  some  sense,”  says  Zeus 
Kerravala,  an  analyst  with  the  Yankee  Group. 
Setting  up  route  areas  is  a  challenging  task 
that  requires  figuring  out  the  best  logical 
division  of  the  entire  network  into  the  small¬ 
er  network  areas,  he  says. 

“Part  of  the  magic  of  it  is  to  figure  out  what 
goes  into  each  routed  segment.  Where  do 
you  put  the  borders?”  Kerravala  says.  “You 
could  put  a  branch  in  one  area,  the  floor  of 
a  building,  a  department,  all  of  a  class  of 
devices  like  IP  phones.” 

The  XL  algorithm  selectively  withholds  some 
updates,  creating  a  trade-off.  If  a  new  link 
becomes  available  after  a  failure,  the  algorithm 
decides  whether  forwarding  the  information 
beyond  a  router’s  immediate  neighbors  will 
improve  enough  paths  by  a  great  enough  per¬ 
centage  to  warrant  passing  it  along. 

If  not,  the  router  suppresses  the  update  by 
not  forwarding  it.  The  general  result  is  that 
updates  are  sent  only  to  the  immediate 
areas  where  topology  has  changed,  making 
the  distribution  less  disruptive. 


DTN 

continued  from  page  12 

envelope  that  has  blank  spaces  in  the  address. 

As  the  packet  makes  its  way  through  the 
DTN,  this  additional  information  gets  filled  in. 
Eventually  the  destination  IP  address  binding 
takes  place,  and  the  transmission  completes 
as  the  packet  is  forwarded. 

The  three-week  prototype  field  test  at  Fort 
A.PHill  last  fall  involved  20  nodes,  mainly  lap- 
top-like  embedded  computers,  running  the 
DTN  protocol  with  GPS  and  Wi-Fi  connec¬ 
tivity  (see  photograph,  page  12).  Most  of  the 
nodes  were  stationary  representing  soldiers 
at  a  simulated  forward  operations  base,  try¬ 
ing  to  communicate  with  a  headquarters 
site  about  2  kilometers  away  The  scenario 
simulated  sending  back  tactical  informa¬ 
tion  (such  as  ammunition  levels  and  enemy 
sightings)  so  that  headquarters  staff  could 
form  an  accurate,  timely  view  of  the  forward 
base’s  status. 

Several  of  the  nodes  were  mounted  in 
SUVs  which  drove  a  periodic  circuit 


Each  router  with  XL  would  maintain  data 
about  its  neighbors’  shortest  path  tree  — 
how  its  neighbor  views  the  network  —  and 
use  that  to  determine  whether  to  forward 
path  updates.  That  would  increase  the 
amount  of  data  routers  keep,  but  Savage 
says  his  team  thinks  that  the  amount  of 
additional  data  would  be  very  small. 

That  benefit  is  balanced  against  the  fact 
that  employing  the  algorithm  means  each 
router  has  less  precise  information  about 
the  actual  state  of  the  network. 


between  the  two  locations.  The  vehicles 
were  simulating  airborne  drones  that  could 
circle  over  the  locations  with  a  wireless  link 
to  the  ground  nodes. 

Alongside  the  DTN  was  a  standard  IP  net¬ 
work;  each  packet  was  transmitted  over 
both  networks  to  compare  performance. 

The  difference  was  dramatic,  according  to 
Small.  The  DTN  network  was  able  to  suc¬ 
cessfully  transmit  five  times  the  amount  of 
status  information  as  the  IP  network.  (A 
summary  of  the  results  is  online.) 

The  nodes  representing  soldiers  were  able 
to  queue  their  transmissions,  then  hand 
them  off  to  nodes  mounted  on  the  moving 
trucks. When  the  truck  nodes  came  in  range 
of  a  headquarters  node,  the  transmission 
was  successfully  completed. 

Now  it’s  time  to  up  the  ante. 

“This  is  where  it  gets  interesting,”  Small 
says.  “We’re  not  going  to  deploy  this  with 
100,000  troops  [in  this  phase],  but  we  will 
demonstrate  that  it  can  work  with  hundreds 
of  nodes  and  that  it  can  work  for  weeks  at  a 
time.”B 


In  big  networks,  overall  performance  is 
limited  by  the  slowest  router.  “That’s  the 
router  you’re  waiting  for  so  the  new  network 
configuration  can  converge,”  Savage  says. 

Because  buying  cycles  for  routers  may 
vary  within  very  large  networks,  older,  slow¬ 
er  routers  can  have  a  big  impact,  Savage 
says. “Scalability  may  be  limited  by  stuff  you 
bought  10  years  ago  that  you  can’t  afford  to 
replace  yet,”  he  says. 

Kerravala  says  incomplete  knowledge  of 
network  topology  and  all  possible  paths  is 
not  necessarily  bad.  “If  you  operate  at  light 
speed  like  packets  do,  you  could  take  the 
less-than-optimal  path  and  it  won’t  make 
much  difference,”  he  says. 

But  Kerravala  says  he’ll  reserve  judgment 
until  the  algorithm  is  demonstrated  in  a  real 
network.  “I’m  skeptical.  I’d  want  to  see  it  work 
and  see  how  it  updates  routes,”  he  says. 

The  algorithm  is  compatible  with  Inter¬ 
mediate  System-to-Intermediate  System  and 
Open  Shortest  Path  First  link-state  routing, 
Savage  says,  which  means  the  software  up¬ 
grade  containing  the  algorithm  could  be 
deployed  incrementally  and  would  interop¬ 
erate  with  existing  router  protocols.  The 
goal  in  these  networks  would  be  to  opti¬ 
mize  paths  based  on  a  given  parameter, 
such  as  latency  or  bandwidth,  he  says. 

Getting  XL  into  practical  use  would 
require  router  makers  to  incorporate  it  in 
their  software,  Savage  says.“It  would  need  to 
be  embraced  by  vendors.  If  Cisco  picked  it 
up  it  would  have  impact,”  he  says. 

Savage  already  has  briefed  Cisco,  which 
helped  fund  his  research  through  the  Center  for 
Network  Systems.  Cisco  wouldn’t  say  how  inter¬ 
ested  it  is  in  implementing  the  algorithm.  ■ 
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Brain  scanning  network 


The  Human  Neuroimaging  Laboratory  at  Baylor  College  of  Medicine  performs 
cutting-edge  research  on  the  human  brain  with  functional  magnetic  resonance 
imaging  (fMRI)  machines.  Here’s  a  look  at  the  network  that  supports  this  research. 


102TB  of  Pillar  Data  Systems  storage  and  15TB  of  IBM  System 
Storage  DS4500:  HNL  stores  brain  scans  and  other  research- 
related  data  primarily  on  Pillar  storage,  which  uses  extra  RAID 
controllers  to  increase  disk  utilization  rates. 


Four  Fibre  Channel  switches:  HNL  uses 
QLogic  SANbox  5600  switches  to  connect 
servers  to  the  Pillar  and  IBM  storage  boxes. 


Four  Dell  PowerEdge  2950  servers:  Using 
VMware's  hypervisor,  HNL  carves  up  each 
physical  box  into  six  or  seven  virtual  servers. 


IGbps  Ethernet  connection 

(Cisco  Catalyst  6509  switch) 


Five  fMRI  machines:  fMRI  is  a  type  of  specialized  MRI 
scanner  that  HNL  uses  for  so-called  “hyperscanning”  a 
method  in  which  human  subjects  can  interact  with  each 
other  while  their  brains  are  being  scanned. 


fnnnnnnnJ^  nnnnnnnJ^ 

(rumnnnnJs  ruvmnnnJy 

XEH 


fnrtnnnnnJ>) 


C 


King 

continued  from  page  1 

—  Justin  King.  The  best  part?  He’s  a  college 
dropout. 

King,  29,  attended  the  University  of  Texas  but 
was  thoroughly  unimpressed  by  its  computer 
science  department.  In  one  class,  he  remem¬ 
bers,  there  were  far  more  students  than  com¬ 
puters,  and  many  of  them  were  broken.  He  left 
after  two  years. 

“I  said,  you’re  kidding  me  —  one  of  the 
biggest  schools  in  the  nation  can’t  get  enough 
computers  to  use?  On  top  of  that,  it  was  1999. 
People  were  getting  $50  million  to  teach  swim¬ 
ming  lessons  online,”  King  says. 

There’s  some  exaggeration  there,  but  many 
people  have  succeeded  without  a  college 
degree.  After  all,  Bill  Gates  skipped  out  of 
Harvard  in  1976. 

King  had  been  working  in  a  computer  store 
since  high  school  and  figured  he  could  at  least 
get  a  job  doing  desktop  support.  He  did  just 
that  at  Sysco,  the  food  company  with  head¬ 
quarters  in  Houston.  King  was  hired  away  nine 
months  later  by  Read  Montague,  a  neuro¬ 
science  professor  who  was  starting  a  software 
company  called  Quaadros. 

The  company  failed,  but  King  followed 
Montague  to  Baylor  College  in  2001.  By  2003, 
Montague  had  opened  the  HNL,  and  King’s 
role  has  only  expanded  each  year. 

Despite  being  a  professor,  Montague  didn’t 
seem  to  mind  King’s  lack  of  a  college  degree. 

“I  just  sort  of  work  like  a  maniac,”  King  says. 
“That’s  right  up  Read’s  alley  He  just  puts  every¬ 
one  to  shame.  He  works  all  the  time.” 

King  is  the  sole  system  administrator  for  the 
HNL  and  the  Computational  Psychiatry  Unit. 
He  and  a  few  software  programmers  at  the  lab 
have  immersed  themselves  not  only  in  com¬ 
puter  technology  but  also  in  the  science  of 
fMRI  experiments, says  HNL  director  Montague. 
“It’s  a  very  rare  system  administrator  . . .  who 
understands  the  nature  of  the  experiments 
we’re  doing,”  he  says.“l  always  included  them  as 
much  as  possible.  There’s  not  a  cultural  gap 
between  the  scientists  and  the  computer  guys.” 

It’s  common  for  King  and  the  programmers 
to  ask  probing  questions  —  Do  you  really 
want  to  store  the  data  that  way?  What  method 
should  be  used  to  anonymize  personal  infor¬ 
mation?  The  intertwining  of  scientists  and 
techies  at  HNL  has  helped  keep  the  lab  nimble 
and  lean,  Montague  says. 

The  list  of  technologies  King  manages 
includes  102TB  of  Pillar  Data  Systems  storage; 
15TB  of  IBM  DS4500  storage;  a  Dell  tape 
library;  four  Fibre  Channel  QLogic  SANbox 
5600  switches;  about  30  x86  servers,  mostly 
Dell;VMware  virtualization;  a  PostgreSQL  data¬ 
base  for  storing  experimental  data;  and  two 
Western  Scientific  high-performance  comput¬ 
ing  clusters  with  50  nodes  each. 

There’s  also  a  Cisco  Catalyst  6509  switch,  but 
luckily  for  King,  the  Baylor  College  of 
Medicine  has  a  network  group,  so  he  doesn’t 
have  to  manage  that  piece  of  technology.  King 


manages  Microsoft  Exchange  e-mail  for  the 
HNL  and  Computational  Psychiatry  Unit,  but 
the  college  network  team  manages  spam-fil¬ 
tering  and  antivirus  needs,  taking  much  of  the 
burden  off  King. 

King  singles  out  a  few  products  that  have 
helped  him  simplify  his  job,  including  Pillar’s 
storage  and  VMware’s  server  virtualization. 
Managing  all  virtual  servers  from  one  inter¬ 
face,  and  such  advanced  features  as  live  migra¬ 
tion  and  high  availability  are  the  key  benefits 
of  using  VMware,  he  says. 

Virtualization  raises  the  threat  of  having  a 
single  point  of  failure  for  many  workloads, 
though,  King  notes.  With  VMware,  “you’ve  got 
everything  you  need  in  one  space,”  he  says.“At 
the  same  time,  if  one  server  goes  down, you’re 
going  to  lose  a  bunch  of  [workloads].” 

A  lot  of  VMware  customers  suffered  from 
such  a  problem  recently  when  a  bug  in  a  soft¬ 
ware  update  prevented  virtual  machines  from 
booting  up.  King  avoided  the  problem  by  not 
upgrading  to  the  new  software.  “It  always 
makes  sense  to  wait  at  least  two  weeks  to 
install  the  newest  version,”  he  says. 

King  recently  upgraded  most  of  his  storage 
to  Pillar  from  IBM  System  Storage  DS4500,  an 
older  product  that  IBM  is  no  longer  selling. 

Pillar  storage  drives  up  disk  utilization  rates 
by  providing  extra  RAID  controllers.  It’s  also 
billed  as  “application-aware,”  meaning  it 
knows  the  requirements  of  specific  applica¬ 
tions  and  can  reassign  resources  based  on 


changing  priorities. 

For  example,  it’s  easy  to  move  data  from 
high-performance  disk  drives  to  the  archive 
layer,  King  says.  Pillar  is  able  to  squeeze  lots  of 
performance  out  of  standard  Serial 
Advanced  Technology  Attachment  drives  that 
are  not  as  expensive  as  Fibre  Channel  hard¬ 
ware,  he  says. 

“You  can  selectively  decide  how  fast  or  slow 
you  want  your  storage  to  be,”  King  says.“That’s 
extremely  important.  We  have  lots  of  stuff  we 
don’t  need  on  really  fast-spinning  disks, but  we 
need  it  on  near-line  availability’ 

When  you’re  the  Lone  Ranger  in  a  one-man 
IT  department,  “just  finding  enough  time  to 
stay  focused  on  one  thing”  is  the  biggest  chal¬ 
lenge,  King  says.“I  try  to  offer  as  much  as  I  pos¬ 
sibly  can.  We ’re  not  an  Amazon.  If  we  go  down 
for  an  hour,  we’re  not  losing  money  by  the  sec¬ 
ond.  It’s  an  inconvenience,  but  it’s  not  the  end 
of  the  world.” 

King  provides  services  to  about  a  half-dozen 
faculty  members,  and  a  few  dozen  doctoral 
students  and  researchers.  Because  of  their 
high  level  of  technical  expertise,  King  does 
not  have  to  deal  with  some  of  the  minor  prob¬ 
lems  that  monopolize  the  time  of  a  typical 
system  administrator. “The  people  here  ...  are 
all  pretty  savvy’  he  says.  “I  don’t  have  to  deal 
with  [users  saying]  ‘I  can’t  figure  out  how  to 
get  my  printer  installed,’  or  ‘the  sound  isn’t 
working.’  That  makes  it  possible  to  get  other 
stuff  done.”B 
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Virtualization 

continued  from  page  14 

virtualization  vendor  DataCore  Software.  In 
addition, storage  virtualization  by  itself  can  pro¬ 
vide  thin  provisioning,  as  well  as  the  simplified 
management  structure  that  comes  with  pool¬ 
ing  storage  devices  and  managing  them  from  a 
central  console. 

On  the  flip  side,  virtualizing  servers  without 
virtualizing  storage  is  problematic.  It  doesn’t 
make  sense  to  have  multiple  virtual  servers  on 
a  physical  machine  that  aren’t  able  to  share 
data, says  Enterprise  Strategy  Group  (ESG)  ana¬ 
lyst  Mark  Peters. 

“You  can  gain  tremendous  benefits  from  stor¬ 
age  virtualization,  even  without  server  virtual¬ 
ization.  It’s  harder  the  other  way  around,”  Peters 
says. 

Virtualization  in  heterogeneous 
environment 

Given  that  virtualization  is  designed  to  com¬ 
bine  multiple  storage  devices,  it’s  not  immedi¬ 
ately  obvious  why  it  makes  sense  to  virtualize 
your  storage  if  it  all  comes  from  a  single  vendor. 

There  are  compelling  reasons,  however,  says 
storage  analyst  Arun  Taneja.  ‘A  lot  of  people 
think  storage  virtualization  has  a  prerequisite 
of  heterogeneity  that  it  only  comes  into  play 
when  storage  from  three  companies  is 
involved,”  he  says.  “I  say  forget  it,  it  has  value 
even  if  you  are  stuck  with  a  single  vendor!’ 

The  storage  market  is  more  proprietary  than 
just  about  any  other  IT  space,  and  this  creates 
problems  even  if  you  have  just  one  storage 
vendor, Taneja  says. 

Say  you’re  an  EMC  customer  with  two  Sym- 
metrix  DMX  boxes,  and  “you  just  want  to  com¬ 
bine  the  power  of  those  two  boxes  and  man¬ 
age  it  as  one, ’’Taneja  says.“  [Without  storage  vir¬ 
tualization]  you  can’t  do  it.  That’s  how  ridicu¬ 
lous  the  world  of  storage  is.” 

This  “ridiculous”  level  of  exclusivity  in  the 
storage  market  takes  on  a  new  dimension 
when  you’re  managing  storage  from  multiple 
vendors.  That  leads  to  the  next  issue. 

Choosing  a  vendor 

Corporations’  primary  procurement  dilem¬ 
ma  is  whether  to  purchase  storage-virtualiza¬ 
tion  products  from  a  storage  vendor  or  a  third 
party  If  your  true  objective  is  flexibility  espe¬ 
cially  if  you’re  planning  major  data  migrations, 
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a  third  party  is  the  way  to  go, Taneja  says.  Such 
vendors  as  FalconStor  Software  and  DataCore 
are  capable  of  managing  storage  from  multiple 
vendors  simultaneously  whether  they  are  EMC, 
HpiBM  or  Hitachi  Data  Systems. 

Truly  Nolen  chose  a  third  party,  DataCore, 
even  though  the  company  uses  only  HP  stor¬ 
age.  The  company  evaluated  virtualization 
vendors  including  HR  EMC  and  Dell  Equal- 
Logic,  but  settled  on  DataCore  because  it 
was  less  expensive  and  offers  the  flexibility 
of  using  whichever  hardware  vendor  it  likes, 
Tokkaris  says. 

The  major  storage  vendors  promise  to  be 
able  to  manage  a  heterogeneous  environment. 
Examples  include  IBM’s  SAN  Volume  Con¬ 
troller,  NetApp’s  V-Series  and  EMC’s  Invista.  As  a 
general  rule,  though,  vendors  support  their 
own  storage  products  first  and  others  second, 
if  at  all. 

“They  always  support  their  own  systems 
first,”  Taneja  says.  “That  means  EMC’s  Invista 
supports  DMXs  and  Clariions,  and  they 
might  support  some  other  foreign  devices; 
but  the  support  for  foreign  devices  always 
lags,  and  support  for  foreign  devices  is 
always  incomplete.  The  whole  idea  is  don’t 
support  your  enemies’  boxes.” 

Peters  predicts  that  as  storage  virtualization 
becomes  more  common,  market  pressure  will 
force  vendors  to  do  a  better  job  supporting 
their  rivals’  technology 

If  you  get  storage  from  just  one  vendor,  how¬ 
ever,  the  solution  is  simple. 

“1  say  to  the  IT  people  I  talk  to,  if  you’re  a 
Hitachi  customer  and  you  like  working  with 
them  and  you’re  stuck  with  them,  just  buy  their 


Spectrum 

continued  from  page  16 

geo-location  database  to  help  provide  protec¬ 
tion  for  existing  broadcast  signals, 
cast  signals.  Essentially  geo-location  tracks 
mobile  devices  by  locating  them  through  their 
specific  IP  address,  media-access-control 
address, radio-frequency  identification  or  other 
location-based  information.  From  there,  the 
database  looks  at  the  licensed  spectrums 
being  used  within  a  given  area,  and  ranks  the 
remaining  available  spectrums  by  their 
strength  and  closeness  to  a  spectrum  already 
in  use.  Finally,  the  database  automatically 
selects  the  optimal  white-space  spectrum  for 
the  device  based  on  its  location,  then  switches 
the  device  to  a  different  spectrum  once  it 
moves  to  a  different  location. 

Motorola  concedes  that  these  geo-location 
capabilities  might  not  assuage  the  NAB, 
which  has  stated  clearly  that  it  wants  no 
mobile  devices  operating  on  unlicensed  tele¬ 
vision  spectrum.  However,  Motorola  is  opti¬ 
mistic  that  the  FCC  soon  will  allow  its  devices 
to  operate  on  the  spectrum  and  will  find  that 
geo-location  practically  eliminates  the  risk  of 
interference. 

Although  no  one  knows  for  certain  how  the 


virtualization  to  make  life  more  manageable 
within  Hitachi  products, ’’Taneja  says. 

Sifting  through  the  hype 

By  most  accounts,  storage  virtualization  is  a 
no-brainer. Who  wouldn’t  want  to  manage  mul¬ 
tiple  storage  devices  from  a  single  console, and 
gain  data  mobility  that  makes  disaster  recovery 
a  breeze? 

Storage  virtualization  will  be  about  as  com¬ 
mon  as  automatic  transmissions  in  automo¬ 
biles  within  a  couple  of  years,  ESG’s  Peters 
thinks.“There  are  certain  technologies  that  are 
just  smarter  and  better  than  people  doing  it 
manually’  he  says. 

Even  storage  virtualization  vendors,  however, 
can  admit  there  are  instances  when  the  tech¬ 
nology  isn’t  a  fit.  Storage  virtualization  is  not  for 
everyone, says  Kyle  Fitze,an  HP  director  of  stor¬ 
age  marketing.  Virtualization  actually  adds  a 
layer  of  complexity  he  argues.You  have  to  man¬ 
age  the  individual  storage  devices,  as  well  as 
the  virtualization  layer,  he  notes.  Despite  virtu¬ 
alization, you  still  have  to  perform  such  tasks  as 
reconfiguring  devices  after  adding  physical 
disks  to  storage  arrays,  he  adds. 

As  a  general  rule  of  thumb,  the  more  compli¬ 
cated  your  storage  environment,  the  more  ben¬ 
efit  virtualization  brings. 

“There’s  a  complexity/benefit  trade-off,”  Fitze 
says.“If  their  current  environment  is  difficult  to 
manage  and  complex  . . .  adding  a  virtualiza¬ 
tion  layer  can  simplify  that  complexity  If  it’s  a 
small,  efficiently  managed  environment  with¬ 
out  data-protection  challenges,  then  virtualiza¬ 
tion  just  for  virtualization’s  sake  is  probably 
not  a  good  idea.”B 


FCC  will  rule,  both  sides  have  been  gearing  up 
their  public  relations  machines  to  make  their 
case.  Device  manufacturers  Motorola  and 
Philips  have  gone  to  the  press  to  stoke  expec¬ 
tations  for  how  well  their  products  performed 
in  the  FCC  tests,  while  Verizon  has  tried  to  tem¬ 
per  public  expectations  by  indicating  that 
more  work  would  have  to  be  done  before  it 
could  come  out  in  favor  of  white-space  use. 

The  NAB,  for  its  part,  has  created  a  campaign 
called  “Interference  Zones”  that  urges  people 
to  tell  Congress  to  ban  the  use  of  unlicensed 
devices  on  white  spaces.  The  association  is 
illustrating  this  point  by  displaying  a  cartoon  of 
a  sinister-looking  cell  phone  named  Wally  that 
gleefully  interferes  with  Direct  TV  signals. 
Google,  which  so  far  has  been  one  of  the  most 
vocal  proponents  of  white-space  use,  launched 
its  Free  the  Airwaves  campaign  this  week  to 
explain  the  white-space  debate  to  the  public  in 
layman’s  terms.  “You  don’t  need  to  be  a 
telecommunications  expert  to  understand  that 
freeing  the  ‘white  spaces’  has  the  potential  to 
transform  wireless  Internet  as  we  know  it,”  says 
Minnie  Ingersoll,  the  product  manager  for 
Google’s  Alternative  Access  Team.  “There’s  no 
doubt  that  if  these  airwaves  are  opened  up  to 
unlicensed  use,  more  people  will  be  using  the 
Internet.”  H 
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How  to  simplify  data  center  networks 

Researchers  plan  to  use  fewer  10G  Ethernet  switches,  more  commodity  devices 


BY  DENISE  DUBIE 

Buying  faster  switches  might  not  be  the  only 
way  to  amp  up  performance  across  data  cen¬ 
ter  networks,  according  to  researchers  at  the 
University  of  California,  San  Diego,  who  this 
week  proposed  a  network  architecture  that 
would  let  commodity  Ethernet  switches  deliv¬ 
er  better  performance  at  a  lower  cost  than  their 
10  Gigabit  Ethernet  counterparts  can. 

Amin  Vahdat,  computer  science  professor  at 
UC  San  Diego,  presented  research  findings  at 
S1GCOMM  2008  in  Seattle  that  laid  out  how  the 
principles  behind  clustered  computing  could 
be  applied  to  network  architecture  to  improve 
scalability  and  performance  at  reduced  costs. 

“Data  centers  are  not  being  built  on  high- 
end  components,  but  on  the  networking  side 
we  still  rely  on  high-end,  leading-edge  tech¬ 
nology  says  Vahdat,  one  of  three  authors 
behind  a  paper  titled  “A  Scalable,  Commodity 
Data  Center  Network  Architecture.” 

Instead  of  investing  in  specialty  gear,  such  as 
10  Gigabit  (10G)  Ethernet  switches  and  rout¬ 
ers,  and  using  a  standard  three-tier  architec¬ 


ture,  Vahdat  says  companies  could  use  com¬ 
modity  Ethernet  switches  at  a  much  lower  cost 
to  achieve  the  same  performance  (see  dia¬ 
gram).  Anecdotally,  a  20,000-node  network 
using  pricey  switches  could  cost  as  much  as 
$28  million  to  construct;  with  commodity  gear, 
the  same  network  would  ring  up  at  closer  to  $4 
million,  he  says. 

“These  are  optimistic  numbers,  but  taking 
advantage  of  the  commodity  side  of  things 
will  be  incredibly  disruptive  to  computing  and 
technology  Vahdat  says. 

The  findings  come  at  a  time  when  the  emer¬ 
gence  of  high-end  data  centers  supporting 
some  100,000  nodes  is  breaking  the  old  model 
for  networks  and  causing  enterprise  IT  man¬ 
agers  to  look  for  options  while  standards 
around  40G  Ethernet  are  still  several  months 
away  and  100G  Ethernet,  years  off. 

“The  low  cost  and  flexibility  of  Ethernet  are 
the  drivers  behind  this  trend,  and  UCSD’s 
research  is  a  good  example  of  just  how  far  this 
idea  can  go,”  says  Phil  Hochmuth,  senior  ana¬ 
lyst  at  Yankee  Group. 


Getting  more  network  for  less  cost 

Researchers  argue  that  network  designers  can  cut  costs  and  scale  bandwidth 
better  by  building  large-scale  communications  networks  from  many  small 


Ethernet  commodity  switches. 

Traditional  topology 

lurT8]  c°re 


c 

nnnnnnn. 

_  Aggregation 

x) 

mnnnnnn 

Y)  fi 

Edge 

71 

42? 

i/  U 

333 

333 

is 

33 

Fat-tree  topology 


j»— Core 


A  traditional  three-tiered  network  design 

By  connecting  commodity  Ethernet 

with  core,  aggregation  and  edge  layers 

switches  in  a  fat-tree  topology, 

can  require  expensive  10  GigE  switches 

researchers  say  network  designers  can 

to  prevent  bottlenecks  along 

deliverfull  bandwidth  at  a  lower  cost 

communications  paths  —  and  bandwidth 

without  changing  end  hosts  and 

can  still  be  limited  by  the  bandwidth 

remaining  backward-compatible  with 

available  at  the  core  layer. 

Ethernet  and  IP. 

The  fat-tree  design  requires  network  designers  to  spread  outgoing  traffic  from  any  given 

“pod,"  which  contain  two  layers  of  switches, 

evenly  among  the  core  switches  by  using 

j  two-level  routing  tables  to  assign  the  class  of  traffic  and  priorities. 

The  price  argument  might  not  be  com¬ 
pelling  today  because  the  difference  is  mini¬ 
mal,  but  when  40G  Ethernet  becomes  a  reality 
“the  price  per  port  will  be  huge  and  the  port 
density  will  be  tiny  Vahdat  says. 

The  team  of  researchers  began  work  on  solv¬ 
ing  the  problem  of  high-cost,  poor-performing, 
high-end  networks  about  a  year  ago.  In  talking 
with  the  team,  several  companies  revealed 
complaints  about  costly,  complex  data  centers 
that  lacked  adequate  bandwidth. The  problem 
has  been  exacerbated  in  the  past  three  years, 
Vahdat  says,  as  more  companies  build  out  big 
data  centers  that  don’t  deliver  the  perfor¬ 
mance  promised  and  require  substantial 
investments.  While  the  cost  of  using  today’s 
technology  cannot  be  considered  the  main 
driver  for  adopting  this  proposed  architecture, 
price  will  become  an  issue  in  the  near  term. 

“Today  is  the  least  compelling  time  to  be 
thinking  in  terms  of  price  per  port,  but  once 
you  push  10  Gigabit  Ethernet  to  the  edge,  the 
existing  designs  do  not  work, ’’Vahdat  explains. 
“If  you  want  to  push  10  Gig  to  the  servers  in  a 
large  cluster,  you  won’t  have  any  option.” 

Using  a  fat-tree  topology, Vahdat  and  his  fel¬ 
low  researchers  designed  a  way  to  intercon¬ 
nect  Ethernet  switches  that  would  make  all 
switching  elements  identical.  That  would 
make  it  possible  to  “leverage  cheap 
commodity  parts  for  all  of  the  switches  in 
the  communication  architecture,”  he  says. 
The  fat-tree  topology  deviates  from  the 
three-tier  core,  aggregation  and  edge  layout 
of  traditional  networks  in  that  it  doesn’t  rely 
on  aggregating  to  higher-speed  links  or  on 
specialized  hardware  when  moving  up  the 
tree.  To  enable  the  use  of  homogeneous 
gear,  fat-tree-topology  networks  rely  on  pro¬ 
tocols  taking  advantage  of  all  the  paths 
available  in  a  network,  he  says.  “We  believe 
you  don’t  have  to  modify  the  chips,  but  that 
it  could  be  done  with  software  and  with  rel¬ 
atively  small  modifications,”  he  adds. 

The  researchers  propose  that  using  two- 
level  routing  tables  and  flow-classification 
techniques,  among  other  methods,  would 
enable  the  switches  to  route  traffic  across 
the  fat-tree  diagram  without  creating  band¬ 
width  bottlenecks.  Yet  Vahdat  says  his  teams 
still  must  resolve  two  issues.  The  first  is 
exactly  how  many  modifications,  with  soft¬ 
ware  or  otherwise,  network  managers 
would  need  to  make  to  enable  the  switches 
to  route  traffic  in  a  way  that  takes  advantage 
of  the  fat-tree  topology.  The  second  is 
around  cabling.  Right  now,  networks  using 
high-end  10G  Ethernet  switches  would  have 
fewer  cables  connected  to  them  than  a  fat- 
tree  network,  which  would  require  100  sep¬ 
arate  cables  for  100  low-speed  links.  ■ 
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Georgia  cyberwar  overblown 


Last  week  Russian  tanks  rolled  into  South 
Ossetia  while  Russian  bombers  were  tak¬ 
ing  out  critical  communications  infra¬ 
structure.  But  even  before  the  first  tank 
crossed  over  the  disputed  borders,  another 
war  was  brewing  in  cyberspace. 

Armies  of  hackers  started  attacking  criti¬ 
cal  cyberinfrastructure  in  Georgia.  A 
counter-offense  of  Georgia  hackers  fought 
back  to  control  major  routing  exchanges. 
Then  a  disturbing  escalation:  Georgian 
hackers  were  able  to  take  control  of 
Russian  strategic  launch  capabilities. The  Russian  defense  artificial 
intelligence  was  defeated  and  forced  to  begin  the  launch 
sequence  of  intercontinental  ballistic  missiles  toward  strategic  tar¬ 
gets  everywhere.  At  the  last  moment,  a  Russian  teenager  with  top- 
secret  network  access  gained  over  an  open  Wi-Fi  in  his  high- 
school  network  was  able  to  persuade  the  Russian  A1  to  back  off  by 
showing  it  the  futility  of  war  through  a  game  of  tic-tac-toe.  Oh,  wait 
a  second  —  that’s  a  movie  plot!  None  of  this  actually  happened 
For  all  the  reports  of  cyberwar  between  opposing  armies  of  cyber¬ 
warriors,  you’d  think  that  a  big  part  of  the  war  was  being  fought  in 
cyberspace.  A  few  instances  of  denial-of-service  (DoS)  attacks  were 
being  amplified  by  the  media  into  a  cyberwar.  I  got  emails  and  calls 
from  journalists  asking  me  about  the  implications  of  cyberwarfare,  the 
vulnerability  of  U.S.  infrastructure  and  the 
potential  for  electronic  Pearl  Harbor.  What  a 
load  of  [redacted:TOPSECRET] ! 

There  are  two  problems  with  the  theory  of 
cyberwarfare  in  the  Caucasus.The  first  is  that 
all  of  the  reported  attacks  consisted  of  DoS 
attacks  against  Web  sites,  mostly  connected 
with  government  functions.There  were  no 


reports  of  attacks  against  critical  infrastructure,  electronic  jamming 
of  stock  exchanges,  Supervisory  Control  and  Data  Acquisition 
(SCADA)-hack  explosions  in  substations  or  anything  like  that. This 
was  not  a  battalion  of  elite  army-trained  hackers  from  the  Russian 
Southern  Command  of  Cyber  Warfare  (Unit  1337).  In  all  likelihood 
it  was  groups  of  run-of-the-mill  script  kiddies  with  control  of  a  bot¬ 
net,  stroking  their  egos  with  the  higher  cause  of  injured  national¬ 
ism.  More  “Boris  waz  ’ere”  than  “All  your  SCADA  are  belong  to  us.” 

The  second  problem  is  that  in  order  for  cyberwarfare  to  be  suc¬ 
cessful  there  needs  to  be  a  lot  of  cyberinfrastructure  to  attack. 
Georgia  and  Russia  are  both  making  tremendous  strides  in  devel¬ 
opment  of  Internet  infrastructure,  but  let’s  not  kid  ourselves. These 
are  not  info-economies  running  all  their  banking  in  virtual  reality 
on  top  of  Second  Life.  The  targets  that  were  attacked  were  mostly 
government  brochure  sites.  Even  in  the  United  States,  where  a  lot 
of  government  services  are  delivered  over  the  Web,  a  sustained 
DoS  attack  against  government  Web  sites  would  not  really  affect 
the  economy.  It  would  simply  make  the  online  experience  more 
like  the  real-life  DMV  experience,  and  we  somehow  survived  that 
fine  up  to  1995. 

A  single  picture  of  a  Russian  tank  on  the  front  page  of  a  newspa¬ 
per  can  probably  cause  investor  panic  and  have  a  bigger  econom¬ 
ic  impact  than  all  of  the  DoS  attacks.  News  continued  to  get  out  of 
Georgia  without  much  interruption.  Instant  messaging,  which  was 
a  lifeline  for  many  with  family  in  the  war  zone,  was  mostly  unaf¬ 
fected. You  can’t  have  cyberwar  when  such 
a  small  part  of  the  economy  depends  on 
cyber-anything. 

Antonopoulos  is  a  senior  vice  president  and 
founding  partner  at  Nemertes  Research ,  an  inde¬ 
pendent  technology  research  firm.  He  can  be 
reached  at  andreas@nemertes.com. 
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told  a  long  time  ago  that  a  resume  should  be 
more  than  two  pages  with  a  maximum  of  three 
bullet  points  per  employer.  That  may  work  in 
some  cases,  but  not  in  all. 

I  have  found  that  some  recruiters  and 
employers  use  software  that  counts  how  many 
times  a  particular  word,  such  as  Cisco,  or  a 
word  describing  a  certain  type  of  experience 
appears  in  a  resume.  I  can  attest  this  is  hap¬ 
pening  to  a  degree.  During  a  previous  job 
search,  a  recruiter  had  me  rewrite  my  resume 
just  about  completely  to  list  specifically  all  the 
different  types  of  Cisco  hardware  1  had  worked 
with.  It  was  interesting  to  note  how  the  call¬ 
backs  increased  after  1  did  that. 

You  may  find  it  necessary  to  keep  more  than 
one  type  of  resume,  each  tailored  to  the  type  of 
job  you  are  pursuing. 

5.  Get  a  handle  on  monthly  bills 

Although  1  had  a  little  money  put  by  for  a 
rainy  day  1  went  through  my  recurring  bills  to 
see  if  there  was  any  room  for  saving  more.  I 
found  that  by  shopping  around  for  automobile 
and  homeowners  insurance,  I  could  keep  the 
same  coverage  and  reduce  both  bills.  1  had 
been  thinking  about  doing  this  for  a  variety  of 
reasons,  but  being  unemployed  helped  push  it 
to  the  top  of  the  list. 

6.  Cut  food  costs 

If  you  live  by  yourself,  this  will  be  easier  to 
do.  If  you  have  a  family,  everyone  will  need  to 
sit  down  and  understand  they  will  all  have  to 
help  out  until  you  can  get  another  job.  Not  that 
1  ate  out  a  lot  while  1  had  a  job,  but  I  did  eat  out 

See  20  tips,  page  40 


BY  RON  NUTTER 

— ditor’s  note:  On  Feb.  20,  IT  manager  and 
Network  World  columnist  Ron  Nutter 
!□  was  called  into  his  boss’s  office  and 
i  told  he  was  being  let  go  —  that  day 
T~1  Once  the  initial  shock  wore  off,  Nutter 
launched  an  aggressive  search  for  employ¬ 
ment  in  the  Kansas  City  area.  Over  the  next  76 
days,  Nutter  applied  for  85  jobs,  and  had  16 
interviews  before  landing  a  new  position.  He 
chronicled  the  job  search  in  a  daily  blog.  Now 
that  he  has  had  some  time  to  reflect  on  the 
experience,  Nutter  offers  these  20  tips  for  sur¬ 
viving  a  layoff. 

1.  As  you’re  being  laid  off,  take  notes 

This  can  be  difficult  to  do,  because  losing  a 
job  can  be  a  very  emotional  experience. 
Nevertheless,  while  everything  is  still  fresh  in 
your  mind,  write  down  all  the  details  you  can 
remember.  For  example,  I  was  told  I  would  be 
paid  for  the  full  two-week  pay  period  plus  my 


remaining  vacation  and  sick  time.  When  my 
last  check  arrived,  there  were  discrepancies. 
Having  written  notes  helped  me  when  I  went 
back  and  reminded  my  former  boss  and  the 
Human  Resources  folks  of  their  commitment. 

2.  Take  some  time  for  yourself 

Take  a  few  days  for  yourself.  A  traumatic 
event  has  just  happened  to  you,  and  you  need 
to  get  over  the  initial  shock  before  you  jump 
into  the  fray  to  search  for  a  new  job. 

3.  Review  the  paperwork  from  the  company 
that  laid  you  off 

You  need  to  attend  to  several  important 
things  rather  quickly  One  is  finding  out  how  to 
file  for  unemployment.  Another  is  determining 
how  long  your  company-paid  health  insurance 
will  be  in  force  before  you  have  to  consider 
paying  for  COBRA  insurance. 

4.  Update  your  resume 

This  is  something  we  should  all  do,  but  it 
doesn’t  always  get  the  attention  it  should.  1  was 
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Microsoft'  System  Center  is  a  family  of 
IT  management  solutions  (including  Operations 
Manager  and  Systems  Management  Server) 
designed  to  help  you  manage  your  mission- 
critical  enterprise  systems  and  applications. 

Carnival  Cruise  Lines  manages  1,000  shipboard 
and  land-based  servers  with  System  Center.  That's 
big.  See  Carnival  Cruise  Lines  and  other  case 
studies  at  DesignedForBig.com 
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20  tips 

continued  from  page  38 

sometimes.  When  I  was  laid  off,  that  stopped.  The  one  treat  1  allowed 
myself  each  week  was  to  stop  by  a  local  pizza  place  that  made  the 
pizza  but  you  took  it  home  to  cook  in  your  own  oven.  I  made  sure  to 
take  a  coupon  with  me  each  week  to  take  a  couple  dollars  off  the  cost 
of  the  pizza. 

1  also  shopped  at  my  local  Costco  and  bought  the  food  1  needed  in 
bulk  so  I  had  to  shop  only  once  a  month.  Having  a  freezer  make  this  eas¬ 
ier  to  do.  For  example,  I  would  buy  a  3  to  5  pound  tray  of  fish,  which  I 
would  portion  out  into  individual  meals  using  a  vacuum-sealing 
machine.  Another  suggestion:  Buy  several  gallons  of  milk  at  one  time 
and  put  them  in  the  freezer.  Pull  one  gallon  out  at  a  time,  and  it  will  still 
be  good.  I  have  been  doing  this  for  more  than  a  year  and  have  yet  to 
notice  a  difference  in  the  taste. 

7.  Look  at  health  insurance  options 

Your  company-supplied  health  insurance  will  come  to  an  end.  My  for¬ 
mer  employer’s  health  insurance  ended  a  few  days  after  I  was  separated 
from  the  company  Worse  yet,  I  wasn’t  due  to  receive  COBRA  information 
until  after  my  company  health  insurance  had  lapsed.  Because  my  previ¬ 
ous  employer  also  had  been  processing  my  claims,  I  wasn’t  comfortable 
with  it  having  any  further  access  to  my  medical  records.  Doing  a  little 
research  on  the  Internet,  I  found  a  single  health-insurance  policy  from 
Blue  Cross  Blue  Shield  for  half  the  price  of  the  COBRA  policy  my  former 
employer  was  going  to  offer  me  and  with  better  coverage. 

8.  Check  with  your  financial  adviser 

I  have  worked  with  an  excellent  person  at  Smith  Barney  for  several 
years.  Because  I  knew  1  might  need  to  access  my  credit  line  to  help  pay 
bills,  I  wanted  to  give  him  a  heads-up  on  my  situation  so  he  could  be 
looking  at  other  options  to  keep  the  use  of  the  credit  line  as  a  last  resort. 


9.  File  for  your  income-tax  return  refund 

Another  thing  to  consider,  depending  on  the  time  of  year  you  are  laid 
off, is  to  use  your  income-tax  return  as  a  one  source  of  money  for  paying 
bills.  1  haven’t  been  a  fan  of  paying  for  electronic  filing,  but  this  year  I  did 
spend  the  money  so  I  would  get  the  tax  refund  a  little  sooner. 

10.  File  for  unemployment  compensation 

This  is  something  1  delayed  doing  a  little  bit  —  partially  because  of 
pride  and  partially  because  1  didn’t  anticipate  job-hunting  to  take  more 


than  three  months.  As  someone  pointed  out  to  me,  you  have  earned  this 
money  and  you  should  take  advantage  of  it.  In  my  case,  filing  was  com¬ 
plicated  because  I  had  moved  from  another  state  in  the  previous  18 
months.The  unemployment  folks  go  back  that  far  in  figuring  out  where 
someone  should  file  for  unemployment.That  potentially  had  me  talking 
with  three  states’  unemployment  departments.  1  spent  several  days  on 
the  phone  with  the  two  states  that  would  be  involved  in  my  situation.  As 
painful  as  it  may  be  to  deal  with  this  part  of  your  unemployment,  the 
sooner  you  start,  the  sooner  the  money  will  come  in  in  to  help  pay  the 
bills  until  you  get  another  job. 

11.  Check  the  job  boards 

During  my  job  search,  I  looked  at  CareerBuilder,  Craigslist,  Dice  and 
Monster.  I  found  no  job  leads  from  Monster  in  my  career  area. Several  of 
the  HR  folks  I  talked  to  during  the  process  told  me  they  used  Monster 
very  little,  in  part  because  of  the  higher  fees  the  site  charged  for  posting 
a  job  compared  with  other  job  boards,  and  in  part  because  of  the  gen¬ 
erally  poorer  quality  of  applications  they  received  from  Monster.  I  found 
some  new  job-postings  on  Dice,  but  with  a  significant  number  of  jobs 
cross-posted  on  other  boards,  1  didn’t  find  Dice  to  be  a  significant  source 
of  potential  job  leads.  One  source  I  wouldn’t  have  thought  to  check  was 
Craigslist.  More  than  one  recruiter  told  me  he  had  good  results  from 
posting  jobs  on  Craigslist.  Set  aside  time  each  day  to  do  this. 

12.  Make  the  job  boards  work  for  you 

Dice  has  a  feature  where  you  can  make  your  resume  searchable  by 
companies  and  recruiters  with  a  position  to  fill.  I  got  some  calls  from 
that.  CareerBuilder  recently  followed  suit.  Dice  lets  companies  and 
recruiters  repost  a  job  every  day  so  that  it  looks  new,  but  in  some  cases 
this  makes  identifying  the  jobs  a  little  harder.  Turn  the  tables  in  your 
favor  by  making  changes  to  your  resume  periodically  so  that  when  it 
is  searched  it  will  show  up  as  new  or  changed;  this  could  get  you 
looked  at  by  a  company  or  recruiter  that  might  have  passed  you  by 
the  day  before. 

13.  Prepare  for  the  interview 

One  thing  I  have  done  when  preparing  for  an  interview  is  to  research 
the  company,  as  well  as  the  companies,  sectors  and  industries  it  serves. 
If  it  is  a  publicly  listed  company  read  some  of  its  press  releases  from  the 
the  past  quarter  or  two  to  see  any  changes  that  have  occurred  and  new 
directions  it  is  heading  in.The  responses  I  received  from  several  compa¬ 
nies  indicate  it  makes  a  good  impression  that  you  are  interested  in  find¬ 
ing  out  about  the  company  before  an  interview.lt  may  seem  like  a  small 
thing  or  something  that  you  should  do  anyway,  but  there  seem  to  be 
quite  a  few  people  looking  for  a  job  who  don’t  do  this. 

See  20  tips,  page  42 
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Preserving  your  data  with  safe,  reliable  media  is  critical.  But  at  Sony, 
bringing  engineering  excellence  to  your  storage  network  is  just  the 
beginning.  Sony  LTO™  tapes  also  offer  factory  bar  coding  for  easy 
data  management.  Convenient  Library  Packs  eliminate  individual 
shrink-wrapping.  Beyond  all  this,  our  Storage  Rewards  loyalty 
program  puts  you  on  the  Sony  incentives  fast  track.  Sony  LTO  media. 
Safe,  reliable,  and  so  much  more. 

sohy.com/storagerewards  and  enter  code  SRL301  for  an 
additional  500  Storage  Rewards  Points. 
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In  addition,  have  several  copies  of  your  resume  with  you  at  an  inter¬ 
view.  This  becomes  even  more  important  once  you  see  your  resume  as 
the  client  or  recruiter  does  after  they  have  downloaded  it  or  printed  it 
out  from  the  job-board  application: The  formatting  is  pretty  much  gone. 
To  make  matters  worse,  the  resume’s  paragraphs  or  bullet  points  will 
look  like  a  series  of  poorly  written,  run-on  sentences  that  may  cause  dis¬ 
tinctive  or  unique  information  about  you  to  be  overlooked. 


Tip  #18:  Don’t 
wait  for  the 
phone  to  ring 


ready  to  produce  when  you  start  your  new  job.  Another  document  you 
want  make  sure  you  have,  even  if  you  don’t  need  it  for  the  1-9,  is  a  copy 
of  your  birth  certificate.This  might  take  a  little  while  to  get.  I  didn’t  know 
until  recently  that,  depending  on  when  and/or  where  you  were  born, 
there  are  two  types  of  birth  certificates  —  one  the  hospital  does  and  one 
that’s  done  when  the  birth  is  registered  with  the  local  authorities.You  will 
want  to  get  a  copy  of  the  certificate  on  file  with  the  local  authorities. 

18.  Don't  wait  for  the  phone  to  ring 

This  may  be  one  of  the  harder  things  to  do.  Keep  in  mind  that  recruiters 
and  HR  types  move  at  their  own  pace,  which  can  be  very  slow.  When 
you  first  apply  for  a  job,  it  could  be  several  days  or  more  before  you  get 
the  first  contact. Waiting  for  the  phone  to  ring  will  have  you  climbing  the 
walls  in  short  order.  Sometimes  you  will  get  a  call  within  hours  of  apply¬ 
ing  for  a  job,  but  expect  that  to  be  the  exception.There  are  always  things 
you  can  do  while  you  wait  for  movement  on  the  job  front,  and  some  of 
them  may  be  done  at  little  to  no  cost  —  that  little  bit  of  touch-up  paint¬ 
ing  you  have  never  gotten  around  to,  or  the  trimming  around  the  yard 
that  always  needs  to  be  done.  You  need  to  stay  active  —  don’t  just  sit 
around  and  watch  the  clock  move  forward. 

19.  Get  out  of  the  house  at  least  once  a  day 

At  some  point  you  will  run  out  of  things  to  do  around  the  house  or  will 
simply  need  to  get  out.  There  will  be  the  occasional  job  fair,  but  that 
won’t  take  a  large  amount  of  your  time. You  can  knock  on  the  doors  of 
companies  that  you  would  like  to  work  at,  but  with  the  price  of  gas  hov¬ 
ering  around  $4  a  gallon  depending  on  where  you  live,  that  can  be  an 
expensive  trip  to  make  for  an  unknown  return.  Do  some  things  you 
enjoy  such  as  going  to  a  museum  or  sports  game.The  main  thing  is  to  get 
out  to  keep  from  getting  cabin  fever. 


16.  Keep  good  records 

This  suggestion  came  from  a  letter  from  the  unemployment 
department  telling  me  I  would  need  to  provide  some  basic  infor¬ 
mation.  I  set  up  a  spreadsheet  in  OpenOffice  with  three  tabs.  At 
the  first  tab  I  kept  track  of  the  jobs  I  had  applied  for  by  date, 
source  of  the  job,  how  the  job  was  applied  for,  company  name  if 
known,  job  name,  contact  name  and  job  number  if  provided.  At  the 
second  tab  1  kept  track  of  the  recruiters  I  talked  to;  HR  folks  I  had  con¬ 
tacted  for  the  jobs  to  which  I  had  applied  directly;  and  anything  else, 
such  as  job  fairs  I  attended.  This  information  was  helpful  when  I  was 
audited  by  the  unemployment  folks  to  make  sure  I  was  looking  for 
another  job.  At  the  third  tab  1  recorded  when  I  filed  my  unemployment 
claim  each  week,  when  I  received  the  check,  and  the  check  number 
and  when  it  was  deposited. 


14.  Deal  with  recruiters 

1  encountered  a  couple  of  recruiters  who  would  give  used-car  sales¬ 
men  a  bad  name,  but  as  a  general  rule,  1  found  them  pretty  decent  to 
work  with.  Several  positions  I  was  approached  about  were  not  on  the  job 
boards  and  sometimes  were  from  only  a  single  recruiter.  The  trick  1 
learned  was  to  identify  the  same  end-job  when  it  came  from  different 
recruiters.  One  situation  you  want  to  avoid  is  having  more  than  one 
recruiter  pitching  you  to  the  same  client  for  the  same  job.Most  recruiters 
usually  will  tell  you  early  on  who  the  actual  end-client  is. 

15.  Accept  help  from  family 

Your  pride  may  make  it  hard  for  you  to  accept  help,  but  keep  in  mind 
that  your  unemployment  affects  them  to  a  degree  as  well.  Depending  on 
their  ages,  your  unemployment  may  be  a  new  thing  to  them. There  was 
a  time  —  unfortunately  long-gone  now  —  when  the  company  you  first 
worked  for  was  the  only  company  you  worked  for  in  your  entire  career. 
How  much  help  you  accept  from  family  is  something  you  will  have  to 
decide.  Look  at  it  this  way:  Whatever  help  they  do  give  you  is  that  much 
less  you  will  have  to  spend  for  food. 


17.  Get  your  personal  records  in  order 

When  you  accept  a  job  offer,  one  of  the  things  you  will  have  to  deal 
with  is  the  1-9  form  that  proves  you  are  allowed  to  work  in  this  country  If 
you  haven’t  seen  the  1-9  form  lately  get  a  copy  so  you  can  see  what  doc¬ 
uments  you  will  need.  If  you  can’t  find  your  Social  Security  card,  now 
would  be  an  excellent  time  to  order  a  replacement.This  will  take  several 
weeks  to  process.The  sooner  you  receive  it,  the  sooner  you  will  have  it 


20.  Never  give  up 

Don’t  leave  any  stone  unturned.You  just  may  find  that  a  company  that 
today  passed  you  over  in  favor  of  another  applicant  may  come  back  to 
you  when  that  person  leaves  to  move  onto  greener  pastures.  I  never 
would  have  thought  that  could  happen,  but  I  have  seen  it  happen  twice 
in  the  past  year. 


Nutter  is  an  IT  executive  in  Kansas  City.  He  is  also  one  of  the  editors 
of  Network  World’s  IT  Asked  &  Answered.  He  can  be  reached  at 
nww@networkref.com. 


Tip  #20: 

Never  give  up 
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How  Do  You  Get 
Premium  3-Phas 
Technology  at  a 
Lower  Cost? 


By  Choosing  Tripp  Lite,  You  Receive  Superior  Performance 
and  Advanced  Features — Typically  at  a  Savings  of  10%-25%! 


Tripp  Lite's  new  SmartOnline™  Modular  3-Phase  UPS  Systems  provide  the  highest  level  of  power  protection  for  your  enterprise 
(40-80  kVA).  They  offer  double-conversion  on-line  operation  and  zero  transfer  time  to  battery  to  protect  your  mission-critical 
equipment  from  every  power  problem  on  the  AC  line. 

But  that's  not  all.  Not  only  are  Tripp  Lite's  SmartOnline™  Modular  3-Phase  UPS  Systems  priced  lower  than  the  competition, 
they  also  lower  your  overall  costs: 


^  Widest 

Correction 


Range  m 


the 


Industry- 


•  Save  money  on  battery  replacement.  The  industry's  widest  voltage  correction  range  ensures 
longer  battery  service  life  and  reduces  battery  replacement  costs. 

•  Reduce  electrical  bills.  Higher-efficiency  Economy  or  "Green"  mode  (at  96%  AC-AC  conversion) 
switches  to  on-line  operation  only  when  needed. 

•  Eliminate  network  downtime.  N+1  modular  architecture  allows  for  fail-safe  redundancy 
because  multiple  power  modules  can  be  hot-swapped  (with  the  load  powered)  if  maintenance 
or  replacement  is  required.  No  downtime  =  no  money  lost! 

•  Reduce  installation  costs.  Lower  (<3%)  total  harmonic  distortion  orTHDi  allows  your  current 
generators  to  run  cooler  and  last  longer,  which  means  you  don't  need  to  purchase  oversized- 
generators,  cables  and  breakers. 

•  Increase  capacity.  1  +  1  parallel  capability  allows  for  redundancy  by  connecting  two  3-phase 
UPS  Systems  to  a  single  equipment  load.  If  one  UPS  is  removed  or  taken  offline,  the  second 
UPS  supports  the  load  automatically! 

Tripp  Lite  SmartOnline  3-Phase  UPS  Systems  are  ideal  for  protecting  and  supporting  mission- 
critical  equipment  in  data  centers,  call  centers,  VoIP  telecom  applications, 
hospitals,  schools,  factories  and  more.  For  total  protection  for 
your  enterprise  and  your  budget,  choose  Tripp  Lite. 


See  Tripp  Lite's  complete  line  of 
3-Phase  UPS  solutions  for  data  centers! 
tripplite.com/3phaseTech 
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TRIPPLITE 


Tripp  Lite  World  Headquarters 

110  W,  35th  Street,  Chicago,  IL  60609 
7f3.869.1234  •  wwW.tripplite.com 


Top-to-Bottom  Reporting 


Top-Floor  Reports,  First-Floor  Detail. 

Report  network  wide  without  sacrificing  granularity,  with  the  new 
Observer  Reporting  Server.  Report  by  department  or  function  to  see  how 
problems  impact  your  business.  Plan  better  with  custom  reports  and 
trending.  Drill  into  individual  links  or  user  data  and  interface  flawlessly  with 
Observer"  and  GigaStor™  for  back-in-time  analysis  and  rapid  resolution. 
Enterprise-wide  reporting  with  drill-down  detail:  now  you  can  have  it  both  ways. 

j®  Don't  just  report:  Resolve. 


N  NETWORK® 
INSTRUMENTS 


For  more  information,  call  800-526-5958 
www.Networklnstruments.com/resolve 


©  2007  Network  Instruments,  LLC.  All  rights  reserved.  Network  Instruments,  Observer,  GigaStor,  and  all  associated  logos  are  trademarks  or  registered  trademarks  of  Network  Instruments,  LLC. 
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SAVE  THE  DATE!  Mark  your  calendar  to  attend. 


March  4  ;H!  April  2  BOS  June  18  ATL  July  16 
Sept  23  SAN  FRAN  Nov  17  WASH  DC  Dec  16 


GET  READY  FOR  A  WHOLE  NEW 

IT  ROADMAP  IN  ’08! 


ORKWORLD 

fiogfemfi&Expfi 


www.networkworld.com/itr2008 


Let  the  Model  135 
Monitor  Your  Site 


MoM  135  , 


The  Model  1 35  Site  Monitor  is  designed  to  serve  as  your 
"resource  kit”  for  monitoring  and  maintaining  computer, 
communications,  and  specialized  equipment  locations. 
With  a  wide  range  of  built-in  capabilities,  it’s  easy  to 
tailor  a  powerful  site-specific  solution. 

Highlights  include  10/100  Ethernet  and  analog  modem 
connectivity,  serial  port  access  and  text  data  "matching,” 
AC  and  DC  voltage  monitoring,  ping  testing,  and  contact 
closure  inputs  and  outputs.  And  the  web-based  interface 
makes  setup  and  use  a  straight-forward  process. 

For  complete  details  on  the  Model  135,  give  us  a  call 
or  visit  www.gkinc.com. 


YOU  CAN 

HAVE  THE  BEST 

•  RRENIIUIVI  QUALITY 

*  EXTENSIVE  SELECTIONS 

*  LOWEST  PRICE 

•  HIGHEST  SERVICE 
STANDARD 


SC  ADAPTER 
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Distribute 
in  Your  Data 


1; 


With  Sentry  CDU  Products! 

Basic,  Metered,  Smart  &  Switched 
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Server  Technology 

Solutions  for  the  Data  Center  Equipment  Cabinet 

Basic  CDU 

>  Reliable  &  Economical 

Metered  CDU 

>  Local  Input  Current  Monitoring 

>  Simple  3-Phase  Load  Balancing 

Smart  CDU 

>  Local  Input  Current  Monitoring 

>  Supports  External  Temp.  &  Humidity  Probes 

>  Secure  IP  &  Serial  Monitoring  of  Power, 
Temperature  &  Humidity 

Switched  CDU 

>  Local  Input  Current  Monitoring 

>  Supports  External  Temp.  &  Humidity  Probes 

>  Secure  IP  &  Serial  Monitoring  of  Power, 
Temperature  &  Humidity 

>  Remote  Power  Control  for  Each  Outlet: 
ON/OFF/Reboot  with  Graceful  Server  Shutdown 

>  Smart  Load  Shedding 

>  kW  per  In-Feed,  Per  Cabinet,  or  Per  Square  Feet 


©Server  Technology,  Inc.  Sentry  is  a  trademark  of  Server  Technology,  Inc. 


I|  Server  Technology,  Inc. 

1®  1040  Sandhill  Drive  tf  +1.800.835.1515 

Reno,  NV  89521— USA  tel  +1.775.284.2000 

www.servertech.com 
www.servertechblog.com 


fax +1.775.284.2065 
sales@servertech.com 
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♦  over  two  dozen  indexed,  unindexed,  fielded  data  and  full-text  search  options 

♦  supports  hundreds  of  international  languages 

♦  file  parsers  /  converters  for  hit-highlighted  display  of  all  popular  file  types 

♦  Spider  supports  static  and  dynamic  web  data;  highlights  hits  while  displaying 
links,  formatting  and  images  intact 

♦  API  supports  .NET,  C++,  Java,  SQL,  etc.  New  .NET  Spider  API 


The  Smart  Choice  for  Text  Retrieval®  since  1991 


Instantly  Search 
i  of  Text 


.■fflWSiSRS 


♦  "Bottom  line:  dtSearch  manages  a  terabyte  of  text  in  a  single  index 
and  returns  results  in  less  than  a  second"  -  InfoWorld 


Terabytes 


♦  "For  combing  through  large  amounts  of  data,"  dtSearch  "leads  the  market" 

-  Network  Computing 

♦  dtSearch  "covers  all  data  sources  ...  powerful  Web-based  engines"  -  eWEEK 

♦  dtSearch  "searches  at  blazing  speeds"  -  Computer  Reseller  News  Test  Center 

See  www.dtsearch.com  for  hundreds  more  reviews, 
and  hundreds  of  developer  case  studies 


■ 


Contact  dtSearch  for  fully-functional  evaluations 


1-800-IT-FINDS  •  www.dtsearch.com 


NEWS  ANALYSIS 


Open  source 

continued  from  page  17 

an  intermediary  role  between  companies  and 
open  source  communities  while  technically 
vetting  more  than  400  applications  —  urges 
security  experts  wishing  to  contact  open 
source  communities  to  make  the  effort  to  find 
the  “right  person  to  talk  to”  to  share  concerns 
about  possible  vulnerabilities. 

Sometimes  businesses  using  open  source 
internally  provide  a  patch,  though  they  may 
not  want  their  name  associated  with  it.  But 
patch  information  is  generally  going  to  be  sent 
out  on  a  mailing  list,  Fteters  says,  adding, 
“Everyone  is  going  to  know  soon  anyway 

Some  security  vendors  have  found  it  can  be 
more  difficult  to  get  the  message  to  open 
source  communities  than  to  closed-source 
vendors. 

Fortify  Software  is  a  security  firm  that 
recently  worked  with  consultant  Larry  Suto  to 
evaluate  1 1  Java-based  open  source  applica¬ 
tions  for  vulnerabilities,  and  found  that  all 
had  significant  flaws  that  Fortify  wanted  to 
report  to  each  open  source  community 

According  to  Fortify,  however,  only  Tomcat, 
which  develops  an  application  server,  could 
be  found  to  use  the  security  “best  practices” 
Fortify  advocates,  which  include  a  dedicated 
e-mail  alias  to  report  security  vulnerabilities, 
easy  access  to  security  experts  and  a  promi¬ 
nent  Web  link  to  security  information. 

The  remaining  open  source  projects  Fortify 
sought  to  contact  —  OpenCMS,  Resin,  Jonas, 
Derby,  Geronimo,  Struts,  Ofbiz,  JBoss  and 
Hibernate  —  fell  short  of  supporting  all  three, 
and  some  never  responded  to  Fortify’s 
inquiries. 

While  Fortify’s  report  about  its  difficulty  in 
contacting  open  source  projects  to  report  vul¬ 
nerabilities  generated  controversy,  some  open 
source  proponents  think  the  Fortify  study 
makes  a  valid  point. 

“We’ve  put  up  an  e-mail  address  to  notify 
without  broadly  broadcasting,”  says  Emma 
McGrattan,  senior  vice  president  of  engineer¬ 
ing  at  Ingres, about  its  own  discreet  process  for 


security  remediation  in  the  Ingres  open 
source  database. “It’s  a  very  inexpensive  thing 
to  do.” 

Ingres,  which  earns  its  bread  and  butter 
through  services  and  licensing  its  intellectual 
property,  has  two  full-time  security  experts  on 
staff  and  uses  the  Klocwork  code-testing  tool 
to  identify  security  bugs  in  vetted  Ingres  code. 
“Once  someone  has  that  fix,  it’s  incumbent 
upon  them  to  submit  it  into  the  community 

a  Expecting  there  to  be  secu¬ 
rity  services  or  a  contact  for 
a  particular  project  is  not 
likely  to  happen  in  open 
source,  but  usually  there  is  a 

mailing  list.55 

Stormy  Peters 

Executive  director,  the  GNOME  Foundation 

she  notes,  adding,  “the  community  version  is 
less  stable.” 

Danny  Allen,  director  of  security  research  at 
IBM  Rational,  who  notes  IBM  has  strong  initia¬ 
tives  in  open  source, such  as  Apache,  says  busi¬ 
nesses  do  mull  the  security  and  intellectual- 
property  implications  that  spring  up  from 
open  source. 

“There’s  an  awareness  of  risk, such  as  what  if 
there’s  a  vulnerability  down  the  road,”  Allen 
says.  There  are  worries  about  who  is  the  secu¬ 
rity  contact  for  the  framework,  or  what’s  the 
possibility  of  the  intentional  inclusion  of  mali¬ 
cious  code. 

Corporate  lawyers  in  particular  are  leery  of 
open  source  projects  because  it  may  be  diffi¬ 
cult,  if  not  impossible,  to  find  the  people  who 
are  accountable.  “In  open  source  projects, 
there  isn’t  any  specific  accountability  Allen 
says,  adding  that  he’s  seen  legal  people  try  to 
ferret  out  the  open  source  software  during  a 
merger,  regarding  it  as  higher  risk  than  closed- 
source  software. 

Each  open  source  community  will  look  and 
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act  a  bit  different,  notes  David  Maxwell,  open 
source  strategist  at  Coverity,  which  makes 
Coverity  Prevent,  a  static-analysis  tool  that 
measures  software  quality  Maxwell  also  is  a 
software  developer  voluntarily  working  on  the 
NetBSD  open  source  project,  in  which  a  few 
hundred  individuals  have  the  right  to  “com¬ 
mits”  of  code  changes. 

More  than  two  years  ago,  Coverity  was 
awarded  a  contract  from  the  Department  of 
Homeland  Security  to  methodically  analyze 
open  source  software  under  the  government’s 
Open  Source  Hardening  Project. 

Under  the  contract,  open  source  projects 
were  invited  to  use  the  Coverity  Scan  site  for 
free,  with  the  goal  of  evaluating  software  so 
any  defects  could  be  fixed. 

The  Coverity  Scan  site  analyzed  more  than 
55  million  lines  of  code  on  a  recurring  basis 
over  two  years  for  more  than  250  open  source 
projects,  including  Firefox,  Linux  and  PHPThe 
results  were  summarized  in  May  in  its  “Open 
Source  Report.” 

Of  the  250  projects,  about  120  have  develop¬ 
ers  active  in  reducing  reported  defects  in  the 
code,  the  report  says.  Using  the  tool  led  to  the 
reduction  of  more  than  8,500  various  defects 
in  open  source  programs  over  two  years.  But  by 
and  large, open  source  software  didn’t  stack  up 
particularly  well  in  terms  of  clean  code. 

The  projects  that  did  very  well  include 
Amanda;  NTP;  OpenPAM;  OpenVPN;  Overdose; 
Perl;  PHP;  Postfix;  Fython;  Samba  and  TCL, 
which  resolved  all  the  defects  found,  Maxwell 
says.“But  the  rest  of  the  120  had  varying  levels 
of  responsiveness,”  he  says,  about  the  process 
of  fixing  code.  He  acknowledges  that  his  own 
NetBSD,  which  follows  the  practice  of  select¬ 
ing  security  officers  from  its  volunteers  and 
encrypting  communications,  is  still  catching 
up  with  the  bug  findings. 

Open  source  software  development  is  a  cul¬ 
ture  where  people  are  accepted  based  on  the 
group’s  perception  of  their  abilities  and  dedi¬ 
cation,  creating  a  naturally  formed  tight-knit 
volunteer  group,  Maxwell  points  out.  So,  there 
can  be  stiff  resistance  to  an  outsider  sud¬ 
denly  appearing  with  bad  news  about  soft¬ 
ware  security 

Attackers  are  out  there  trying  to  exploit  the 
openness  in  open  source,  say  some.  Many 
open  source  projects  use  the  Concurrent 
Versions  System  (CVS)  as  the  repository  for 
the  project  code.  Even  this  predictability  offers 
opportunities  to  attackers  that  might  want  to 
monitor  for  code  changes  and  updates  to  pre¬ 
pare  malware  and  attack  code.“Fteople  do  take 
advantage  of  that  all  the  time,”  says  Alfred 
Huger,  vice  president  of  Symantec  Security 
Response/They  look  at  CVS  and  the  logs  that 
are  changing.” 

As  to  whether  he’s  found  open  source  com¬ 
munities  to  be  more  leery  of  outsiders 
approaching  with  security  intelligence,  Huger 
says  each  community  is  different,  but  the  more 
reticent  and  skeptical  ones  are  those  that  were 
never  approached  before  about  a  particular 
problem,  ffl 
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Proof  that  IT  is  crazy 


BACKSPIN 

Mark  Gibbs 


he  IT  world  has  a  certain  level  of  craziness 
that  is  remarkable,  and  nowhere  does  it 
show  up  more  than  in  how  various  com¬ 
panies  market  their  products.  I  have  all  sorts  of 
examples  to  illustrate  this,  but  given  that  I  have 
limited  space  I’m  going  to  concentrate  on 
what  1  consider  to  be  the  800-pound  gorilla  of 
marketing  crazy:  Microsoft. 

A  couple  of  days  ago  it  was  announced  that 
Microsoft  had  retained  the  services  of  comedian  Jerry  Seinfeld  for  the 
princely,  no,  kingly  sum  of  $10  million.  For  this  insane  amount  of  cash 
Seinfeld  will  appear  in  a  $300  million  series  of  commercials  rumored 
to  revolve  around  the  slogan  “Windows,  Not  Walls.” 

According  to  various  sources  the  whole  “Windows,  Not  Walls”  gambit 
is  about  the  need  to  (and  I  definitely  quote)  “break  down  barriers  that 
prevent  people  and  ideas  from  connecting”  (I  feel  bilious  just  typing 
that).  Just  the  idea  that  anyone  could  think  of  pitching  Windows  as 
being  such  a  powerful  facilitator  of  communications  defies  belief. 

The  impetus  for  this  planned  bout  of  rabid,  unashamed,  spin  doctor¬ 
ing  has  been  the  dismal  market  perception  and  performance  of 
Microsoft’s  Vista  operating  system. 

Apparently  Seinfeld  will  appear  in  some  of  the  ads  with  that  great 
stand-up  comedian  Bill  Gates.  As  many  commentators  have  pointed 
out,  there’s  a  serious  level  of  craziness  involved  in  hiring  a  comedian 
who  peaked  in  the  ’90s  as  the  pitchman  because  the  real  opinion 
makers  (that’s  you,  dear  readers)  aren’t  going  to  be  swayed  by  a  few 
laughs  into  changing  their  opinions. 

To  recycle  an  old  joke,  trying  to  repair  the  market’s  perception  of  Vista 
by  being  funny  is  like  rearranging  the  deck  chairs  on  the  Titanic  —  as 
it  sinks.  (No,  don’t  write  in  to  tell  me  that  you’re  happy  with  Vista. You 
just  think  you  are.You  have  swallowed  Redmond’s  blue  pill.) 


Anyway,  it  also  doesn’t  take  a  genius  to  guess  that  the  campaign  will 
also  tout  the  results  of  Microsoft’s  recent  and  pompously  named 
“Mojave  Experiment.”  In  case  you  missed  this  also  crazy  (and  lame) 
marketing  exercise,  it  involved  the  punking  of  120  noobs  in  San 
Francisco  by  giving  them  a  10-minute  demo  of  what  they  were  told 
was  a  forthcoming  Microsoft  operating  system  called  Mojave.  Of 
course  the  operating  system  was  actually  Vista  and  the  results  as  mea¬ 
sured  and  interpreted  by  Microsoft  gave  Mojave  an  approval  rating  of 
nearly  double  that  of  Vista.  Wow.  I’m  convinced,  aren’t  you? 

Wait  a  minute  —  convinced  of  what?  That  we’ve  all  just  got  it  wrong 
and  our  perception  of  Vista  is  based  on  unfair  prejudice?  That  a 
noob’s  response  to  a  slick  10-minute  demo  is  a  fair  way  to  evaluate 
public  perception  of  something  as  complex  as  an  operating  system? 
No,  I  don’t  know  about  you  but  I’m  convinced  that  Microsoft  thinks 
we’re  all  so  gullible  that  we’d  be  taken  in  by  their  blatant  spin  doctor¬ 
ing.  The  company  is  truly  crazy 

Now  before  I  go  any  further  I  just  have  to  make  it  clear  that  I  don’t 
hate  Microsoft.  In  fact,  I  use  and  love  (and  hate)  many  of  their  prod¬ 
ucts  every  day  My  problem  with  Microsoft  stems  from  what  I  see  as 
the  company’s  repeated  failure  over  the  last  30  years  to  behave  honor¬ 
ably  fairly  and,  most  importantly  with  the  care  for  building  excellent 
software  that  one  would  hope  for. 

But  as  I’ve  commented  before,  Microsoft  isn’t  solely  to  blame  for 
what  it  has  become.  Nope,  the  truth  is  that  we  created  the  monster. We 
wanted  the  Kool-Aid  Microsoft  was  selling  as  cheap  as  possible  and 
we  failed  to  be  as  critical  and  demanding  as  we  should  have  been 
when  we  found  problems. 

Then  again,  I  guess  that  just  goes  to  show  that  we  really  are  crazy 

Gibbs  keeps  as  tight  a  hold  on  his  sanity  as  he  can  in  Ventura,  Calif. 
Put  on  your  foil  hat  and  tell  him  at  backspin@gibbs.com. 


FTC  bans  prerecorded  telemarketing  drivel 

i 


Michael  Cooney 


Layer  8 


n  the  ongoing  battle  to  let  us  eat  dinner  in 
peace  without  being  interrupted  by  amaz¬ 
ingly  annoying  telemarketer  blather  and  in 
this  case  the  even  more  infuriating  recorded 
telemarketing  drivel,  the  Federal  Trade 
Commission  basically  outlawed  such  calls 
recently 

Specifically  the  FTC  changed  its  venerable 
Telemarketing  Sales  Rule  (TSR)  to  prohibit,  as 
of  September  2009,  telemarketing  calls  that 
deliver  prerecorded  messages,  unless  a  consumer  has  agreed  to 
accept  such  calls  from  a  given  caller/seller. 

Between  now  and  2009,  telemarketers  must  provide  an  obvious,  easy 
and  quick  way  for  consumers  to  opt-out  of  any  call,  the  FTC  said.  Such 
an  opt-out  mechanism  needs  to  be  in  place  by  Dec.  1,2008. 

The  change  will  not  affect  your  ability  to  continue  to  receive  calls 
that  deliver  informational  prerecorded  messages  -  notifying  you,  for 
example,  that  your  flight  has  been  cancelled,  or  that  you  have  a  ser¬ 
vice  appointment.  Such  purely  “informational”  calls  are  not  covered  by 
the  TSR  because  they  do  not  attempt  to  sell  the  called  party  any 
goods  or  services,  the  FTC  said. 

However,  for  those  who  have  called  on  the  FTC  to  help  eliminate  the 
other  phone  scourge  —  political  robocalls  —  the  new  rule  will  not 
help.  Calls  from  political  campaigns  are  considered  protected 
speech,  an  FTC  representative  said. 

Ultimately  consumers  may  get  some  help  from  state  legislatures,  as 
many  are  regulating  or  looking  to  pass  laws  for  more  control  over 
automated  or  robocall  computer-generated  phone-calling  campaigns. 
One  group,  the  National  Political  Do  Not  Contact  Registry,  is  campaign¬ 
ing  to  outlaw  political  robocalling  altogether. 


Meanwhile,  the  FTC  also  adopted  a  regulation  changing  the  way 
telemarketers  use  the  phone.  No  doubt  if  you  have  received  an  unso¬ 
licited  telemarketing  call,  there  is  a  delay  in  the  time  when  you  pick 
up  and  say  “hello”  and  the  response  on  the  other  end.  Sometimes  no 
one  answers  at  all. 

This  situation  is  called  “call  abandonment”  by  the  FTC  and  it  has 
tweaked  its  enforcement  of  such  delay  or  nonresponses.The  TSR 
requires  that  at  least  97%  of  a  telemarketer’s  calls  be  answered  in  per¬ 
son  and  get  connected  to  a  salesperson  within  two  seconds  after  a 
consumer  answers. 

Call  abandonment  is  a  side  effect  of  very  efficient  telemarketing 
equipment  called  predictive  dialers.  These  place  calls  in  anticipation 
that  a  salesperson  will  become  available  by  the  time  one  of  the  num¬ 
bers  called  is  answered,  the  FTC  said. 

Here,  though,  the  FTC  is  making  a  more  subtle  change  that  many 
don’t  think  goes  far  enough.  While  retaining  the  97%  requirement,  it 
will  now  calculate  call  abandonment  over  a  30-day  period,  rather  than 
on  a  daily  basis,  which  has  been  the  case. The  change  will  permit  the 
use  of  smaller  calling  lists  than  before  without  an  appreciable 
increase  in  call  abandonments,  the  FTC  claims.  It  will  let  all  sellers  tar¬ 
get  their  calling  campaigns  to  consumers  most  likely  to  be  interested 
in  their  offer,  and  will  benefit  small  businesses  that  have  smaller  cus¬ 
tomer  lists  in  particular,  the  FTC  said.  The  modified  method  for  mea¬ 
suring  the  maximum  allowable  rate  of  call  abandonment  will  become 
effective  on  Oct.  1 , 2008. 

The  new  rules  come  in  part  from  more  than  14,000  comments  the 
agency  received  on  the  subjects  since  it  last  changed  or  proposed 
changes  to  the  rules  in  2006. 

Cooney  is  the  author  of  the  Layer  8  blog  and  an  Online  News  Editor. 
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Evolve  your  telephony  with  software  and  leave  the  PBX  in  place 


Transition  to  VoIP  with  innovative  software  from  Microsoft.  applications.  A  software-powered  VoIP  solution,  based 
Software  that  integrates  with  Windows  Server  Active  Directory  on  Microsoft  Office  Communications  Server  2007,  helps 
services,  Microsoft  Office,  and  Microsoft  Exchange  Server.  you  increase  the  productivity  and  flexibility  of  your 

Keep  your  existing  PBX  hardware  and  still  get  new  voice  workforce — especially  your  mobile  users.  Change  the 

capabilities  like  drag-and-drop  conferencing,  anywhere  way  you  communicate  without  switching  your  switch, 
access,  and  click-to-call  functionality  from  familiar  desktop  Learn  more  at  microsoft.com/voip 
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The  HP  Color  LaserJet  CM6040  MFP  can  help  you  take 
control  of  printing  and  copying.  With  tools  like  Web 
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desk  calls  with  automatic  toner  and  maintenance  alerts 
It's  part  of  a  new  breed  of  workflow-enhancing  MFPs 
from  HP.  That's  alternative  thinking  about  printing. 
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